New year update

New year, who dis? 2018 accomplishments: OSCP – passed Sept 2018 Guru rank & top 100 – HackTheBox.eu CompTIA Pentest+ cert (beta test pass!) New title/promotion @ work Pretty happy with all I got done and excited to see what I can do in 2019

OSCP – halfway mark

So today marks the halfway point of my 90 day lab access and I have to say it is both what I expected and not… I have owned root/administrator on 21 different lab machines. My time management for the first 45 could have been better and because of life I had a week or so…

OSCP and logging

This last Saturday I got my connection pack and have been able to start attacking the OSCP test labs. Having tons of fun digging into it and the accompanying training starts very basic is quite exhaustive and I am learning quite a bit from it. That said I’ve never been great at note taking.. which…

HackTheBox.eu – FluxCapacitor

FluxCapacitor was a box that you either loved or hated. I hated it at first but that was simply because I didn’t understand what was going on. After digging into it and getting RCE then going back and understanding how it all works this box is actually really cool and really interesting. I am a…

HackTheBox.eu – Bashed

Bashed is a pretty simple box that was one of the first machines I tackled after I joined HTB. It helped reinforce some of the tools I had started using and general enumeration which is always a huge key in a pentest. With that lets jump into it.. Tools used: -nmap -gobuster -netcat Step 1…

Exploit KB Vulnerable web app

Today we are setting our sights on the Exploit KB Vulnerable web app machine posted here on vulnhub.com. This is an extremely vulnerable box so don’t be dumb and put it on a production network or something. First thing first we need to know what all is running so I fired off both nmap and…

SANS 2017 Holiday Hack Writeup

This years holiday hack was a ton of fun. Last year I didn’t have all that much experience with Linux and I was really out of it when it came to CTF/challenges so I struggled. I setup this blog to document some of the progress I make and I am really surprised how well I’ve…

2017 Holiday hack is out

Few days behind (but from what I’ve read there were some stability issues so maybe not that far behind). Kicked off this morning was able to knock out a few challenges without too much trouble. Enjoying getting into these challenges but the damn snowballs are annoying to try to guide. Keeping notes as I go…

To reverse you must first learn to build

So Flare-on done for the year and I didn’t do as well as I’d hope but it has inspired me to keep learning. In that I’ve decided to go back and shore up my foundational understanding of assembly and when looking at various courses I did a bit with the Security Tube stuff but its…

2017 Flare-on write up

Had great fun attempting the Fire-Eye Flare on Challenge this year, was my first attempt and I have to say it has sparked a renewed interest in reverse engineering. I didn’t complete the challenge got to the 4th and hit a wall with my overall ASM inexperience so I have been working on some foundation…

Close