Browse Tag

redis security

A beginner-friendly walkthrough of the Hack The Box Starting Point REDEEMER machine (Tier 0). Learn Redis basics, how to enumerate with `redis-cli`, and why exposed Redis instances can leak sensitive data.

Hack The Box REDEEMER Walkthrough | Learning Redis for Beginners (Step-by-Step)

In this video, we walk through the Hack The Box Starting Point machine REDEEMER. This beginner-friendly walkthrough focuses on Redis – what it is, how it works, and why exposed Redis services are risky when misconfigured.

Instead of rushing through commands, we explain the concepts behind Redis, service enumeration, and how sensitive data can be stored and accessed directly from memory.

This is part of my ongoing Hack The Box Starting Point – Step-by-Step Walkthrough for Beginners series, where the goal is to help newcomers build strong fundamentals in ethical hacking.

What you will learn in this video

  • What Redis is and where it’s commonly used
  • Why exposed Redis instances are dangerous (authentication & config pitfalls)
  • How to identify Redis with Nmap (port 6379)
  • How to connect with redis-cli and inspect databases/keys
  • When to use KEYS * (CTF) and why SCAN is preferred in production
  • How to retrieve the flag and complete the tasks

Recommended setup

  • Kali Linux Virtual Machine
  • NAT networking mode
  • OpenVPN client
  • VMware Fusion / VirtualBox (any VM works)

Resources

Happy hacking, and enjoy the journey 🚀