It all started with my Facebook account being hacked some years ago(someone successfully did xss phishing on me) ''i was like how did they achieved it !!!?''
I got curious and started searching online on how to hack into someones account,what I saw baffled me different methods on how to gain access onto someone else acct.. there I came across some hacking tools (password cracking tools like like John the ripper,burb suite etc ..) I was like how can I get any of these, then I started a little research on it and then I realized I had to install it on a Linux OS called Kali Linux (never knew there was a hacking OS till that day)... Curiosity got over me I then went on to install the OS on my Laptop and played around with some tools but wasn't getting any of it as I don't understand how any of the tools worked......

After learning some ethical hacking course on Udemy and tryhackme with lots of pdf (such as blackhat python, the art of penetration testing,Ethical hacking for dummy's,Social engineering: the art of Human pentesting, Kali Linux :Beginning Ethical Hacking,NMAP Network Scanning. etc ....) with some labs like Metasploit, tryhackme and metasploitable Then what? just it just stop their?? after becoming certified in ethical hacking on Udemy, does it stop there?? No! No!
From my learning and experience on youtube videos, they don't teach the real deal,they only show you how to Metasploit and nothing more Asif though there's a restriction I don't know at all new techs,new way of doing and exploiting things,New CVE-Exploits,but you won't find any on YouTube apart from how to Metasploit and nothing more......
Best way I think one to keep his/her skill in the field a topnotch is by practicing different kind of Virtual box's on Vulnhub (a website that contains different varieties and leveled based(from medium to Hard) virtualized server you could hack into )..
lieu to this i plan to hack through 100 Vulnhub machines this year by God's grace and share my experience for each and every machines on this thread ....
Just of recent some companys (like PICO) are beginning to hold CTFs in Africa and I would join and win one
I also encourage others to also share their experience


website to VULNHUB www.vulnhub.com
website to register and train play.picoctf.org

started with Bandit already at level 6
link to get started ::: https://overthewire.org/wargames/bandit/bandit0.html
The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to learn basic to advance Linux bash commands and play other wargames.
link

Bandit Level 6 → Level 7
Level Goal

The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

Commands you may need to solve this level

ls, cd, cat, file, du, find, grep

personal work through:

This level required a much more complex find command. Given that the file could be anywhere on the system we have to start the find at the root level. From there we specify what owner(bandit7), group(bandit6), and size(1033kb) of file we are looking for. The only new addition to this level is that we need to discard any errors or we will never be able to sort through all of the junk that comes back.

Join the discord server. We have a section for Cybersecurity.

Bandit Level 7 → Level 8
Level Goal

The password for the next level is stored in the file data.txt next to the word millionth
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

This level introduces two new commands, grep and pipe. The pipe character tells the system to take the output of the last command run and use it as the input for the next command. Grep is a command that allows you to search within text for a given string.

Bandit Level 8 → Level 9
Level Goal

The password for the next level is stored in the file data.txt and is the only line of text that occurs only once
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Helpful Reading Material

Piping and Redirection
solution

You must first sort (using the 'sort' command) the data which places all identical lines next to each other. Once that is complete, you use the uniq command with the -u flag to only display strings that are not duplicated.

Bandit Level 9 → Level 10
Level Goal

The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

solution

There is no right or wrong way to go about this. The method below is simply what I have found provides the cleanest, clearest output. We start by using the strings command which is excellent at parsing these sorts of files. If we only run that, we are still presented with dozens of lines of text to sort through. Instead of trying to do that on our own, we can pipe this output to grep and search for a few = signs. This gives us the password very clearly.

Bandit Level 10 → Level 11
Level Goal

The password for the next level is stored in the file data.txt, which contains base64 encoded data
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Helpful Reading Material

Base64 on Wikipedia

Solution
This is a relatively straight forward level – you simply need to find the command to decode base64

Bandit Level 11 → Level 12
Level Goal

The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

Helpful Reading Material
https://en.wikipedia.org/wiki/Rot13

Solution

The command used to solve this is a little bit difficult to explain but I’ll give it my best shot. What we are doing is piping the output of data.txt to the tr (translate) command. In the tr command we are telling it to turn the set A-Z and a-z into N-Z,A-M and n-z,a-m. The reason for splitting the translated alphabet up is because we need to shift everything down 13 characters, meaning anything coming after N has to go back to the beginning (S becomes F). If you are interested in this sort of thing, there are a number of great cryptography resources out there that start off simple (rot13) and get much more advanced.
command:::
( cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m' )

Bandit Level 12 → Level 13
Level Goal

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv, file

Solution

As you can see, this level sucks. Luckily, once you get used to each command, it goes smoothly, if not quickly. You want to start by moving the file to the /tmp/YourName directory so that you can work on it with write permissions. You must then use xxd to convert it out of a hex format and back into the compressed format. From there you use the file command to determine what sort of file it is. In this case it is a gzip file, so we rename it to .gz then use the gzip command to uncompress it. This process basically repeats for an absurd number of times using gzip, bzip2, and tar. Eventually you will run the file command and it will tell you that you have an ASCII file – happy days!

Comments questions and support
is highly appreciate

the time is finally here
https://www.africa.engineering.cmu.edu/research/cylab/picoctf-guide.html

it's in group of teams
2-5 individuals
experience hackers
please connect let's make a team

recent CTF attended, my team and i came out 128th position out of 630 teams

another ctf completed>>>came out 35th position

.