CTF
Capture the Flag (CTF) games seem to be all the rage now! I mean, I’m not complaining, I’ve been using these for years now and I’ve been building games for about a year so I’m super excited they are more popular, but popular != great. Read more “Thinking of building a Capture the Flag game?”
Guides
One thing that I found quite hard to deal with when I started using Linux coming from a Windows background was the package manager. I thought I would run through some basics here to give people a kick start on their journey!
In the Linux world the operating systems have repositories that are maintained, think of this like the windows update catalogue (but it includes way more). Here we have all the OS files (packages) and application (packages). Read more “Basic Package Management in Kali Linux”
Defense
‘Red Teaming’ the latest phrase in the cyber security world that brings a shudder down my spine! Now don’t get me wrong, adversary simulation is awesome, it’s a great tool and when wielded correctly brings massive value to enhancing your security posture… but alas, they aren’t always deployed in a business aligned and value driven position.
They sound ‘sexy’ and any pentester is going to jump at the chance to do one, let alone the sales and marketing teams will be grinning as they will come in with higher revenue but also will increase their case study portfolio for delivered red teams! (I’m not knocking this, it’s the reality of doing business).
Having witnessed a number of these take place against organizations who I don’t feel are ready for them, I thought I would write a piece on things I would recommend having in place before conducting a ‘red team’ assessment. Read more “Things to do before you conduct a ‘red team’ assessment”
Guides
Covenant is a .NET c2 (Command & Control) Framework that aims to highlight the attack surface of .NET and aid red teamers! Today I’m going to jump into slip space with a Halo themed blog on my first use of Covenant in the lab. Let’s hope I don’t need Cortana to get this deployed (yes I’m a massive Halo nerd!)
First thing let’s head over to GitHub and check out the install notes:
The architecture seems to look like this:
Read more “Owning the Covenant like a Chief! – C2 Framework Review”
Hacking
Following on in the series from my previous post – My OSCP Diary – Week 1 I continue my offensive security professional certification journey!
So, after a break in my training schedule (pro tip, ask Offensive Security (Offsec) to pause your PWK lab time – I didn’t which was stupid) I’m back into the PWK labs!
The first thing I realised after having ~ 40 days break was taking that long a gap isn’t the best idea (but hey holidays and life have to happen right!) I got back into the lab and looked at my attack Visio blankly for a bit, realising the task ahead of me had a lot of servers still in it!
I think the first box I decided to hit was pain, as its name says this box is not easy as is considered an OSCP boss box, as its name says, it’s painful but quite fun once you have cracked it. Read more “OSCP Week 2”