Featured Development / Security / Hacking Why your company will be hacked This is a short list of common reasons why your company is going to be hacked. Learn from the past to improve the future!
Hacking / Security / Write-ups SANS Holiday Hack Challenge 2020 write-up This is my write-up for the 2020 SANS Holiday Hack Challenge. It contains the solutions for all terminals, objectives and side quests.
Hacking / Tips & Tricks Getting started with the SANS Holiday Hack Challenge 2020 How to get started with the 2020 SANS Holiday Hack challenge: KringleCon 3
Featured Security / Hacking / Development Buffer overflow attacks explained How does a typical buffer overflow exploit work in code, at run-time and in memory and what can be achieved by running it?
Hacking / Security / Development SANS Holiday Hack Challenge 2019 Write-up This article is my write-up for the 2019 SANS Holiday Hack Challenge. It contains the solutions for all terminals, puzzles and objectives
Hacking / Tips & Tricks Getting started with the SANS Holiday Hack Challenge 2019 How to get started with the 2019 SANS Holiday Hack challenge: KringleCon
Development / Hacking / Tips & Tricks Hosting a CTF made easy using Docker and DigitalOcean Hosting a CTF can be a piece of cake by deploying a Docker container in a DigitalOcean Droplet. This article will run through this process. Fully automated script provided as well.
Hacking / Google / Security / Tips & Tricks Two-Factor authentication: How to secure your accounts? How to secure your online accounts by setting up two-factor authentication (2FA) and why is it important to do so? Step-by-step guide for 2FA.
Security / Hacking / Network Executing a man-in-the-middle attack How can you become a man-in-the-middle on a network to eavesdrop on user traffic and what can you do to protect yourself against such an attack?
Network / Security / Hacking / Development TCP 3-way handshake and port scanning How does the TCP 3-way handshake work and how is it used to perform a port scan?
Security / Google / Hacking Hosting a Cookie Stealer in Google Forms This article describes a quick and easy way to have cookie stealing functionality for your XSS tests, by using Google Forms as a host.
Security / Hacking How I got access to local AWS info via Jira This article will describe how I exploited an SSRF vulnerability in an Atlassian plugin and gained access to AWS instance metadata via a local endpoint, explaining the theory and techniques along the way
Featured Hacking / Security / Metasploit Hacking Windows with Meterpreter Explore the post-exploitation world of a hacked Windows machine. Steal credentials, key logging, screen capture, new accounts, download files and more.
Security / Hacking / Metasploit Metasploit, WannaCry and Windows update How to use Metasploit to execute the Eternalblue exploit (like WannaCry and Petya ransomware) and why you should install your latest Windows updates
Security / Hacking 5 Phases of hacking An ethical hacker follows a similar process to that of a malicious hacker to gain and maintain access to a computer system. The process of a typical attack scenario can be broken down into five distinct phases, which are described in this article.