Rants
Disclaimer: Could this post be social suicide? Sure, that's a distinct possibility, given that I typically refrain from sharing opinions to steer clear of associated stigma. However, there is an elephant spraying everywhere and we've just been contentedly sitting in a muddy space grinning at its
Cheat Sheet
This three-part series is intended to provide clarity on frequently encountered SSL-related issues in penetration tests. It includes a brief explanation of attacks, resources, and a cheat-sheet for quick validation in part two.
Hacking
With the holiday season in full swing, a multitude of people are looking to embark on fresh journeys and goals for the emergence of the new year. I am no exception to this rule, and have been investigating different avenues for growth, one of which we will be exploring today.
OSINT
OSINT, or Open-source Intelligence, are a set of techniques for data collection and analysis that is publicly available from various sources on the web (and beyond) in order to gain an understanding about a target, environment, business or thing. If you have ever tried to Google someone's information,
CTF
On March 23rd and 24th, 2022, Wicked6, sponsored by many companies produced a special 24 hour global women's only CTF event virtually. For 24 hours, 1,000 women gathered together in Discord to play various CTF games and the ladies of Space Cows were no exception! Information about
Hacking
Driver was a really fun box for me, not only because it deviated from the standard norm of many machines, but because I had to learn a few things in order to break into it. I also did this one with a few friends which made it even more fun!
Additional: I use the Cornell note taking method. You can find out more here: https://en.wikipedia.org/wiki/Cornell_Notes
CTF
Authors: piratemoo/azuleonyx/sh4na/whateverwally PancakesCon [https://pancakescon.com/] is a free virtual cybersecurity conference run by @hacks4pancakes [https://twitter.com/hacks4pancakes] as a way for speakers to discuss not only cybersecurity, but NON-IT related hobbies and interests, which in this day and age is a complete breath of needed
This is a compiled list of my favorite revshell cheat sheets from across the web. The three biggest resources I use are PayloadsAllTheThings [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md] , pentestmonkey [http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet], and highoncoffee [https://highon.coffee/blog/
Knife was one of the boxes I really wanted to get into as I came back to Hack the Box and started doing write-ups again. Typically, before I do any enumeration on a box, I like to see if there's a webpage to view. Knife had some sort
One of the first things I do whenever looking at a new machine is check out the website to see what's on it, so with Armageddon I did the same. I checked the site and found a giant chicken on the main page! I wasn't familiar
How do Alice/Bob communicate without Eve eavesdropping? Agree on a secret key Ke and have to do this through the same chan When Alice wants to send a msg: 1. Encrypts its using function E(Ke, m) then calls result of cipher text c 2. Alice sends ciphertext c=
> "A security system is only as strong as its weakest link" Attack Tree: Organizing a tree in a way to see/monitor weakest points. - Insight to possible lines of attack - Always part of a larger tree Weakest link property: Strengthening anything but weakest link can
Rick & Morty is a mini CTF room that ends up being the last challenge in the web hacking fundamentals section of TryHackMe, so I went ahead and captured the three flags for this challenge. First things first: I went to the webpage to take a look: Uh oh! Looks
OWASP, or the Open Web Application Security Project is a nonprofit foundation launched in 2001, that works to improve the security of software in an open community setting. It was incorporated as a non-profit charity in April of 2004 and the goal is to enable organizations to maintain trusted applications
This year, I got to not only volunteer at The Diana Initiative online conference, but I got to participate in the CTF in my spare time as well! While I didn't get a chance to go through every challenge, here is a write-up of the flags and challenges
Spectra was a relatively easy box, so here's a brief write-up on what I did to root the machine. I have a habit of checking pages before I run nmap so I visited the page first and found the following: Before I went any farther on the links
From the advent of the first portable phone, the DynaTAC 8000x (DYNamic Adaptic Total Area Coverage) and the first 20 minute call to the first car phone developed in 1984, to the release of the MicroTAC in 1989, we have been enthralled with phone communication and its ability to bring
> With the re-emergence of popularity in both vendor and client Bluetooth usage, along with the release of BlueBorne, I thought I would write a post that provides readers with a little bit of a better understanding of the fundamental workings and flaws used with the technology. This post was
