cybersecurity Dissecting a Phishing Email: How to Spot a Scam Targeting DreamHost Users In this blog post, I’m going to break down the elements of this phishing email to show you how I identified it as fraudulent and provide actionable tips to help you spot similar scams. Let’s dive in and I'll show you how to remain vigilant against these kinds of scams!
My First Physical Penetration Test: Lessons, Challenges, and Successes When I embarked on my first physical penetration test, I didn’t quite know what to expect. Sure, I had prepared for the task by planning out test cases and
deadface DEADFACE CTF 2024 Steganography Write-Up In this blog, I’ll walk you through my intended solutions for each challenge, providing insights into the thought process behind their creation and the techniques used to crack them.
cybersecurity Pentesting 3: Passive Reconnaissance In this next phase, I shift focus to the initial steps in gathering intelligence about the target without direct interaction.
pentesting Pentesting Part 2: Planning This blog explores the pivotal role of planning, emphasizing its significance in ensuring a comprehensive and efficient penetration testing process.
cybersecurity Pentesting Part 1: Intro to External Pentesting Every pentester has their own preferences and approaches to conducting pentests. In this blog, I'll cover the approach and methodologies that I use when I conduct pentests.
deadface DEADFACE CTF: Sneaky Static Walkthrough Sneaky Static is a steganography challenge from DEADFACE CTF 2023. This challenge requires players to find an mp4file appended to another mp4. Common steganography tools will not be able to detect or carve out the hidden file.
ctf DEADFACE CTF: End of the Road Walkthrough End of the Road emphasizes the need to treat the CTF like one large story and investigation by aggregating information found on DEADFACE in various other challenges.
deadface DEADFACE CTF: Host Busters Walkthrough Host Busters was a series of challenges during DEADFACE CTF that provided competitors with an adversary's live Linux system. The goal was to investigate the system: see what artifacts could be found and characterize the behavior of the system.
ctf DEADFACE CTF Welcome to the electrifying world of DEADFACE CTF, where cybersecurity enthusiasts and professionals converge to test their skills.
Configure a Web Server in Docker with an Nginx Reverse Proxy In this blog, I'll provide an overview of how to set up a web server in Docker and use an Nginx proxy to route traffic to the web
phishing Avoid Phishing by Knowing the Signs It's easy to be fooled by phishing attacks if you don't know how to detect the signs that you're being phished. In this blog, I'll dissect a real-world phishing email that was sent to me personally and highlight all of the warning signs in the email.
Virtual Machine Tips & Tricks: Transferring Files During CTFs or penetration testing, it's imperative to know a variety of methods for transferring files between different machines and operating systems.
steganography Hiding Information by Manipulating an Image's Height In this blog, I'll demonstrate how this can be accomplished and what it might possibly look like in real-world application.
hacktober Passing SSH Users to Unique Docker Containers In this blog, I'll go over step-by-step instructions showing how I created the Talking to the Dead Linux challenges.
volatility Carving Sensitive Information from Memory with Volatility In this blog, I'll demonstrate how to carve out a malicious executable found in a memory dump file. I'll also show how to extract password hashes and crack the password from the hash.
volatility Memory Forensics on Windows 10 with Volatility Volatility is a tool that can be used to analyze a volatile memory of a system. With this easy-to-use tool, you can inspect processes, look at command history, and even pull files and passwords from a system without even being on the system!
python Build a Caesar Cipher in Python The Caesar cipher comes from its namesake: Julius Caesar. It's an antiquated method of encoding a message simply by shifting the characters of the alphabet. With Python, we can easily create our own program to encode and decode messages using a Caesar Cipher.
ctf Kaizen CTF - Watering Hole The Watering Hole category of challenges were one of the first set of challenges in the event. They required diverse techniques that ranged from amateur to moderate skill level.
ctf Kaizen CTF - Getting Started Kaizen CTF is an event developed and hosted by Booz Allen Hamilton. It's a CTF designed to provide multi-layered, non-obvious vulnerabilities using techniques in forensics, web exploitation, scripting, and reverse engineering.
NeverLAN CTF - Look Into the Past Look Into the Past was a fun challenge that gave players a zipped copy of a Linux machine's file system. The goal of this challenge was to find
ctf KringleCon 2019 - The Holiday Hack Trail The Holiday Hack Trail was a fun little spin on the classic game we all failed miserably at as kids: The Oregon Trail. It was a fun challenge designed to
ctf KringleCon 2019 - Frosty Keypad Frosty Keypad was a fun challenge designed to simulate breaking through physical security by brute-forcing a keypad.
education Set Up Safe Browsing for Your Kids The internet is a scary place, but there are ways you can protect them from stumbling into the dark corners of the internet!
ctf SwampCTF - Last Transmission Last Transmission is another steganography challenge. It's not as sophisticated as some of the others - but its point value was low, so that's to be
