Summary This was a really cool CTF! It was put on by HouSecCon (Hou.Sec.Con) and Idaho National labs. A few things I really liked about it: Final scores! Huge congrats to CoB for a late night rally and taking the win! Challenges There were upwards of 100 challenges in the…
Leave a CommentTag: security
Phish Yourself! – A practical guide to running an internal phishing campaign.
Social engineering, in particular through the medium of email, is very likely the greatest threat to an average organization. While 0-days do come around and pose real threats to organizations and many of them do not implement strong patch management programs, phishing is simply easier and more effective for the…
1 CommentRecon Part 4 – theHarvester and Recon-ng
TheHarvester I’m going to present this tool in two ways to show simultaneously how cool this utility is and the slightly less impressive way it is actually done: What appears to happen: Type in a username, receive a list of sites that user exists as a member. Type in a…
Leave a CommentBattalion – Automating Recon
Introducing Battalion Over the past 2.5 months a friend – @eidolonpg – and I have been working on a tool which was spawned from the previous articles written here. If you’ve read the past few posts have been about ‘Reconnaissance’ and, lately, chaining various recon tools together you’ll understand how this…
Leave a CommentRecon Part 3 – Gobuster and EyeWitness
Gobuster TheColonial wrote a really cool tool called Gobuster which is similar to fierce but programmed in Go. I wanted to include it here because I tend to have better performance using this tool than fierce, by a LOT. Gobuster can be found on github here. There are a few issues to…
Leave a CommentRecon Part 1 – Building a Machine
This series is about setting up a recon machine in the cloud, using some basic tools, and diving in to the recon process! As I move my career in to the security space I want to document my process. Part of this involves testing various utilities and trying my hand at…
Leave a CommentImageMagick Proof Of Concept – Remote Shell
ImageMagick is a server-side image processing engine which is very widely used. Some functions include compressing/resizing submitted images (profile pictures, for instance) to standardize files in the server’s database. Some of the popular image processing plugins in php, ruby’s rmagick, and others use ImageMagick’s platform. Before going further, here’s a…
Leave a CommentDon’t DROWN! – Avoiding the TLS/SSL vulnerability
What is it? DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) is a recently discovered (March 2016) vulnerability in SSL/TLS which can allow attackers to break the security SSL and TLS are supposed to provide and acquire the newly decrypted data. The flaw exploits servers which still support encryption services…
Leave a Comment