đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
Posts by Tag
- CTF 25
- Technical 25
- HTB 20
- Nmap 17
- Gobuster 5
- HHC 5
- Kringlecon 5
- SANS 5
- CounterHack 5
- Analysis 5
- SMB 4
- RE 4
- Python 3
- SSH 3
- FTP 3
- Curl 3
- Forensics 3
- MSFVenom 2
- Apache 2
- Git 2
- Java 2
- Readpst 2
- Metasploit 2
- Smbclient 2
- Hashcat 2
- Base64 2
- SUID 2
- Searchsploit 2
- SQL 2
- Snort 2
- Powershell 2
- DFIR 2
- Malware 2
- RAT 2
- MS17-010 1
- EternalBlue 1
- Netcat 1
- PHPBash 1
- Sudo 1
- Jenkins 1
- Groovy 1
- Snapshot 1
- KeePass 1
- PTH 1
- RelayHash 1
- ADS 1
- Pth-winexe 1
- JTR 1
- John 1
- Achat 1
- Icacls 1
- SMTP 1
- James 1
- Cron 1
- XXE 1
- XML 1
- Tomcat 1
- JSP 1
- Msfvenom 1
- Certutil 1
- Runas 1
- Cmdkey 1
- Mdbtools 1
- Enum4linux 1
- Cpassword 1
- gpp-decrypt 1
- GetUserSPNs 1
- Node.js 1
- GraphQL 1
- HelpDeskZ 1
- GCC 1
- Xxd 1
- Bzip 1
- Pspy 1
- BGP 1
- SNMP 1
- Injection 1
- Zabbix 1
- Jsonrpc 1
- Strings 1
- Perl 1
- Burpsuite 1
- LFI 1
- Webapp 1
- Tac 1
- Getcap 1
- PKI 1
- Masscan 1
- Crackmapexec 1
- Puttygen 1
- Doas 1
- SSH-Keygen 1
- Steghide 1
- TTY 1
- Chmod 1
- Stego 1
- IRC 1
- Vim 1
- SQLite3 1
- DB 1
- DeBruijn 1
- Trufflehog 1
- Bloodhound 1
- EvtxDump 1
- Sed 1
- DDE 1
- Http2 1
- SSL 1
- Pcap 1
- Sniffing 1
- Gdb 1
- DNS 1
- Reversing 1
- Cryptography 1
- PlaintextPasswords 1
- PRTG 1
- Config 1
- Grep 1
- SAM 1
- PWDump 1
- mRemoteNG 1
- Guestmount 1
- SCP 1
- Impacket 1
- Macro 1
- olevba 1
- Responder 1
- Powersploit 1
- Defcon 1
- FTK Imager 1
- Autopsy 1
- Live Response 1
- CyberChef 1
- Volatility 1
- Deadbox 1
- HexEdit 1
- OSCP 1
- Penetration 1
- Test 1
- Pentest 1
- PMA 1
- Practical 1
- Lab 1
- Reverse 1
- Engineering 1
- Yara 1
- OllyDbg 1
- x64dbg 1
- IDA 1
- Ghidra 1
- Cutter 1
- Pestudio 1
- PE-bear 1
- DiE 1
- Packing 1
- Shellcode 1
- Assembly 1
- JavaRAT 1
- STRRAT 1
- Adwind 1
- Strigoi 1
- Redline 1
- Credential 1
- Harvest 1
- Random 1
- Miscellaneous 1
- Cheatsheet 1
- Incident 1
- Response 1
- IR 1
- aspmuma 1
- webshell 1
- ASPX 1
- ASPXSpy 1
- remcos 1
- dnspy 1
- ghidra 1
- pestudio 1
- injector 1
- RC4 1
- Game Hacking 1
- Pwn Adventure 1
- Pwnie Island 1
- Windbg 1
- Memory Analysis 1
CTF
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
Technical
đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
HTB
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
Nmap
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
Gobuster
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
HHC
đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
Kringlecon
đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
SANS
đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
CounterHack
đ đ SANS 2022 Holiday Hack Challenge (HHC) - KringleCon 5
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2022, I successfully c...
đ đ SANS 2021 Holiday Hack Challenge (HHC) - KringleCon 4
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2021, I successfully c...
đ đ SANS 2020 Holiday Hack Challenge (HHC) - KringleCon 3
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2020, I successfully c...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
đ đ SANS 2019 Holiday Hack Challenge (HHC) - KringleCon 2
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In December 2019, I successfully c...
Analysis
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
SMB
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
RE
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Python
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
SSH
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
FTP
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Curl
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Forensics
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
MSFVenom
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Apache
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Git
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Java
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Readpst
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Metasploit
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Smbclient
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Hashcat
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Base64
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
SUID
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Searchsploit
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
SQL
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Snort
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Powershell
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
DFIR
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Malware
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
RAT
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
MS17-010
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
EternalBlue
Hack The Box - Blue
Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...
Netcat
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
PHPBash
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Sudo
Hack The Box - Bashed
Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...
Jenkins
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Groovy
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Snapshot
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
KeePass
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
PTH
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
RelayHash
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
ADS
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Pth-winexe
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
JTR
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
John
Hack The Box - Jeeves
Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...
Achat
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
Icacls
Hack The Box - Chatterbox
Chatterbox was a reasonably simple machine which required exploiting a vulnerable âAchatâ service with custom shellcode, and then migrating to a more stable ...
SMTP
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
James
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
Cron
Hack The Box - Solidstate
This machine contained a fairly straightforward SMTP vulnerability which didnât even need to be exploited to fully compromise the machine. It is an essential...
XXE
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
XML
Hack The Box - Dev0ops
Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...
Tomcat
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
JSP
Hack The Box - Jerry
Jerry would have to be one of the easiest machines Iâve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...
Msfvenom
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Certutil
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Runas
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Cmdkey
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Mdbtools
Hack The Box - Access
This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...
Enum4linux
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Cpassword
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
gpp-decrypt
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
GetUserSPNs
Hack The Box - Active
This machine was fairly straight forward and mimicked something youâd unfortunately expect to see even today in a typical penetration test. All in all itâs a...
Node.js
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
GraphQL
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
HelpDeskZ
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
GCC
Hack The Box - Help
Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...
Xxd
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Bzip
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
Pspy
Hack The Box - Curling
This machine had some CTF elements to it, but overall wasnât that difficult to complete through proper enumeration. It highlights some issues which may be pr...
BGP
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
SNMP
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Injection
Hack The Box - Carrier
This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldnât typica...
Zabbix
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Jsonrpc
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Strings
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Perl
Hack The Box - Zipper
This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...
Burpsuite
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
LFI
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Webapp
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Tac
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
Getcap
Hack The Box - Waldo
This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...
PKI
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Masscan
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Crackmapexec
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Puttygen
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Doas
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
SSH-Keygen
Hack The Box - Ypuffy
This machine was quite interesting, and contained a privilege escalation method Iâd not seen mentioned elsewhere. Luckily this was confined to the challenge,...
Steghide
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
TTY
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Chmod
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Stego
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
IRC
Hack The Box - Irked
This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...
Vim
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
SQLite3
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
DB
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
DeBruijn
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Trufflehog
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Bloodhound
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
EvtxDump
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Sed
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
DDE
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Http2
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
SSL
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Pcap
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Sniffing
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Gdb
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
DNS
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Reversing
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
Cryptography
đ đ SANS 2018 Holiday Hack Challenge (HHC) - Kringlecon
Every year the SANS Institute and the Counter Hack Team hosts a âHoliday Hack Challengeâ also commonly referred to as HHC. In January 2019, I successfully co...
PlaintextPasswords
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
PRTG
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
Config
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
Grep
Hack The Box - Netmon
Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...
SAM
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
PWDump
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
mRemoteNG
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Guestmount
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
SCP
Hack The Box - Bastion
Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Utilising a machine vhd backu...
Impacket
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Macro
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
olevba
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Responder
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Powersploit
Hack The Box - Querier
Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...
Defcon
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
FTK Imager
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Autopsy
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Live Response
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
CyberChef
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Volatility
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
Deadbox
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
HexEdit
2019 Defcon DFIR CTF Write-up
The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...
OSCP
OSCP and Penetration Testing
Cyber Security resources for OSCP and penetration testing.
Penetration
OSCP and Penetration Testing
Cyber Security resources for OSCP and penetration testing.
Test
OSCP and Penetration Testing
Cyber Security resources for OSCP and penetration testing.
Pentest
OSCP and Penetration Testing
Cyber Security resources for OSCP and penetration testing.
PMA
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Practical
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Lab
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Reverse
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Engineering
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Yara
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
OllyDbg
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
x64dbg
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
IDA
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Ghidra
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Cutter
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Pestudio
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
PE-bear
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
DiE
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Packing
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Shellcode
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
Assembly
Practical Malware Analysis - Lab Write-up
This details reverse engineering activities and answers for labs contained in the book âPractical Malware Analysisâ by Michael Sikorski and Andrew Honig, whi...
JavaRAT
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
STRRAT
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Adwind
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Strigoi
STRRAT (Strigoi) - Malware Analysis Lab
Analysis of the malware STRRAT.
Redline
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
Credential
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
Harvest
Redline Stealer - Malware Analysis Lab
Analysis of the malware Redline Stealer.
Random
Nuggets of Knowledge
Place to capture random social media posts which Iâve made, and capture various pieces of shared knowledge which proved popular.
Miscellaneous
Nuggets of Knowledge
Place to capture random social media posts which Iâve made, and capture various pieces of shared knowledge which proved popular.
Cheatsheet
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
Incident
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
Response
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
IR
Digital Forensics and Incident Response
Cheatsheet containing a variety of commands and concepts relating to digital forensics and incident response.
aspmuma
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
webshell
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
ASPX
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
ASPXSpy
Aspmuma 2009 âxxooxxâ - Malware Analysis Lab
Analysis of a web shell Iâve named Aspmuma 2009 âxxooxxâ.
remcos
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
dnspy
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
ghidra
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
pestudio
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
injector
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
RC4
Remcos RAT - Malware Analysis Lab
Analysis of Remcos RAT, a prevalent remote access tool/trojan.
Game Hacking
Pwn Adventure 3 - Pwnie Island
Hacking âPwn Adventure 3: Pwnie Islandâ, an intentionally vulnerable first-person MMORPG.
Pwn Adventure
Pwn Adventure 3 - Pwnie Island
Hacking âPwn Adventure 3: Pwnie Islandâ, an intentionally vulnerable first-person MMORPG.
Pwnie Island
Pwn Adventure 3 - Pwnie Island
Hacking âPwn Adventure 3: Pwnie Islandâ, an intentionally vulnerable first-person MMORPG.
Windbg
Pwn Adventure 3 - Pwnie Island
Hacking âPwn Adventure 3: Pwnie Islandâ, an intentionally vulnerable first-person MMORPG.
Memory Analysis
Pwn Adventure 3 - Pwnie Island
Hacking âPwn Adventure 3: Pwnie Islandâ, an intentionally vulnerable first-person MMORPG.