<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://bikramkharal.com.np/</id><title>Bikram Kharal</title><subtitle>Portfolio website of Bikram Kharal also known as themarkib.</subtitle> <updated>2025-09-15T08:49:40+05:45</updated> <author> <name>Bikram Kharal</name> <uri>https://bikramkharal.com.np/</uri> </author><link rel="self" type="application/atom+xml" href="https://bikramkharal.com.np/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://bikramkharal.com.np/"/> <generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator> <rights> © 2025 Bikram Kharal </rights> <icon>/assets/img/favicons/favicon.ico</icon> <logo>/assets/img/favicons/favicon-96x96.png</logo> <entry><title>My journey to OSCP/ OSCP+</title><link href="https://bikramkharal.com.np/posts/oscp/" rel="alternate" type="text/html" title="My journey to OSCP/ OSCP+" /><published>2025-09-14T18:40:00+05:45</published> <updated>2025-09-14T18:40:00+05:45</updated> <id>https://bikramkharal.com.np/posts/oscp/</id> <content type="text/html" src="https://bikramkharal.com.np/posts/oscp/" /> <author> <name>themarkib</name> </author> <category term="Certification" /> <category term="OSCP" /> <summary>Hello everyone, Hi, I’m Bikram Kharal, a cybersecurity enthusiast and penetration tester with a strong interest in ethical hacking, network security, and offensive security. My journey into cybersecurity started with curiosity about how systems work and how they can be broken, which eventually grew into a passion for protecting them. 
Over time, I’ve worked on sharpening my skills in penetrati...</summary> </entry> <entry><title>Subdomain takeover via AWS s3 bucket</title><link href="https://bikramkharal.com.np/posts/aws-subdomain-takeover/" rel="alternate" type="text/html" title="Subdomain takeover via AWS s3 bucket" /><published>2024-05-29T18:40:00+05:45</published> <updated>2024-05-29T18:40:00+05:45</updated> <id>https://bikramkharal.com.np/posts/aws-subdomain-takeover/</id> <content type="text/html" src="https://bikramkharal.com.np/posts/aws-subdomain-takeover/" /> <author> <name>themarkib</name> </author> <category term="Subdomain Takeover" /> <category term="Bug Bounty" /> <summary>Hello guys, Today we are going to talk about the Subdomain takeover vulnerability which can be easily identified and exploited by attackers causing maximum impact to the organization. Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization’s domain to a website that performs malici...</summary> </entry> <entry><title>HTB - Headless</title><link href="https://bikramkharal.com.np/posts/headless/" rel="alternate" type="text/html" title="HTB - Headless" /><published>2024-05-14T18:40:00+05:45</published> <updated>2024-05-14T18:40:00+05:45</updated> <id>https://bikramkharal.com.np/posts/headless/</id> <content type="text/html" src="https://bikramkharal.com.np/posts/headless/" /> <author> <name>themarkib</name> </author> <category term="Hack The Box" /> <category term="CTF" /> <summary>Hello Guys, It’s me Bikram Kharal back in medium to write about the Seasonal machine of the Hack The Box. Initial Enumeration First of all I did a simple nmap scan to enumerate all the ports in the box. nmap -sC -sV Machine_IP -T4 I found that open ports are 22 and 5000. 
I saw that port 5000 is running a web service. Visiting that location we got an interface like below: Clicking on F...</summary> </entry> <entry><title>HTB - Bizness</title><link href="https://bikramkharal.com.np/posts/htb-bizness/" rel="alternate" type="text/html" title="HTB - Bizness" /><published>2024-01-23T18:40:00+05:45</published> <updated>2024-01-23T18:40:00+05:45</updated> <id>https://bikramkharal.com.np/posts/htb-bizness/</id> <content type="text/html" src="https://bikramkharal.com.np/posts/htb-bizness/" /> <author> <name>themarkib</name> </author> <category term="Hack The Box" /> <category term="CTF" /> <summary>Hello everyone, It’s me Bikram Kharal here to write about an easy hackthebox machine called Bizness. Let’s start: Initial Enumeration First of all I did a simple nmap scan to enumerate all the ports in the box. Here a few ports like 22, 80, 443 seem interesting. I added https://bizness.htb/ to /etc/hosts in my Linux machine. Enumerating Bizness Website Visiting the website we found it...</summary> </entry> <entry><title>My first Web Cache Poisoning bug</title><link href="https://bikramkharal.com.np/posts/cache-posioning/" rel="alternate" type="text/html" title="My first Web Cache Poisoning bug" /><published>2024-01-16T18:40:00+05:45</published> <updated>2024-01-16T18:40:00+05:45</updated> <id>https://bikramkharal.com.np/posts/cache-posioning/</id> <content type="text/html" src="https://bikramkharal.com.np/posts/cache-posioning/" /> <author> <name>themarkib</name> </author> <category term="Bug" /> <category term="Bug Bounty" /> <summary>Web cache poisoning is an advanced technique whereby an attacker exploits the behavior of a web server and cache so that a harmful HTTP response is served to other users. How does a web cache work? To understand how web cache poisoning vulnerabilities arise, it is important to have a basic understanding of how web caches work. If a server had to send a new response to every single HTTP req...</summary> </entry> </feed>
