Archive

2018

Shodan Cheat Sheet

less than 1 minute read

Shodan’s a search engine which helps find systems on the internet. It’s a great resource to provide passive reconnaissance on a target or as a measuring tool...

2017

Hacking Flash Games (Client-side Attack)

6 minute read

One of the areas of interest that first led to me to becoming passionate about security was the Game Genies and Game Sharks. I thought it was fascinating to ...

Responder Fun

5 minute read

While researching some ways in which to obtain Domain Admin within an organization, I started playing around with Responder and figured I would share a quick...

Stealing Hashes with LAN Turtle

4 minute read

When you hear that you can steal user hashes from locked machines, everyone’s ears perk up. This attack vector has been around for almost a year now, which s...

Quick Python Port Scanner

1 minute read

I’m not a programmer by trade and only have limited experience by just hacking and slashing existing code to accommodate my needs for work/pen testing. In an...

Mr-Robot 1 Walkthrough

2 minute read

I haven’t had a chance to watch all of the Mr. Robot series but this machine was a lot of fun. What I particularly like is that you are rewarded if you prope...

Kioptrix 5 Walkthrough

2 minute read

This was perhaps my favorite Kioptrix series and really felt like an OSCP-type machine. Once I got more time, I exploited this machine without Metasploit whi...

Kioptrix 4 Walkthrough

2 minute read

This set-up is slightly different than the images previously in the series, as it’s a hard-drive file that you attach to your manually created VM. While it s...

Kioptrix 3 Walkthrough

2 minute read

There are a ton of different ways to achieve the same result on this machine which is what I liked most about this one. It wouldn’t be a bad idea to do this ...

Kioptrix 2 Walkthrough

2 minute read

This is the updated image (as the previous option fixed a few bugs) but from my understanding it roughly works the same for both. This is certainly a beginne...

Kioptrix 1 Walkthrough

3 minute read

The Kioptrix series is a great starter boot2root series. It increases in difficulty in a gradual flow and can really help hone your enumeration process. If a...

SickOS 1.2 Walkthrough

3 minute read

The SickOS series from VulnHub gives you a small taste of what to expect while pursuing your OSCP. Below is a walkthrough of how to compromise SickOS 1.2 and...

SickOS 1.1 Walkthrough

5 minute read

The SickOS series from VulnHub gives you a small taste of what to expect while pursuing your OSCP. Below is a walkthrough of how to compromise SickOS 1.1 and...

OverTheWire: Bandit Solutions

13 minute read

If you’re looking to hone some of your shell skills then the OverTheWire: Bandit series is certainly a step in the right direction. By the time you finish, y...

Obtaining HTTP Request Method’s

1 minute read

When conducting security reviews (penetration tests, vulnerability assessments, etc) understanding what HTTP request methods exists can become imperative to ...

Getting Started As A Hacker

5 minute read

Anyone in InfoSec always gets asked this question, “How do I become a hacker” and “Where do I start”. I’ve been getting it an abnormal amount as of late so I...

Fighting the Good Fight

2 minute read

Currently I’ve been toying with the security implications that can be imposed on an organization around authentications based on your phones proximity and pu...

OSCP Review

9 minute read

There are tons of OSCP reviews floating around the web so I’ll keep the fluff to a minimum, to better make use of both our time. If you want to get to the me...

Msfvenom Cheat Sheet

1 minute read

Msfvenom (replaced the former msfpayload and msfencode tools) and is a tool that can be used to generate payloads as standaline files and encode them if need...

Netcat Cheat Sheet

less than 1 minute read

Netcat which has been famously labeled as the “Swiss army knife of hacking” is a networking utility used for reading/writing from TCP/UDP sockets, port scann...

TTY Spawning Cheat Sheet

less than 1 minute read

Below are some helpful tricks to spawn a TTY shell in the event you need to further interact with the system. These are also helpful in breaking out of “jail...

Basic Buffer Overflows

5 minute read

A lot can be said about buffer overflows and they are perhaps the most daunting part of attempting the OSCP for most. However, as you'll find in most of your...

Started A Blog

less than 1 minute read

I’ve thought about making my own blog for several years now and I finally took the leap! I figured this would serve as a good place to put my thoughts into w...