Recent Blogs

Write-Up: SkyDog Con CTF 2016 – Catch Me If You Can

Introduction So our target today is another Capture the Flag game from VulnHub. SkyDog Con CTF 2016 - Catch Me If You Can [Download] Difficulty: Beginner/Intermediate Instructions: The CTF is a virtual machine and works best in Virtual Box. Download the OVA file open up Virtual Box and then select File –> Import Appliance. Choose […]

How to Create Malware for Android Devices

This was an interesting topic that I ran across not too long ago... and seems that the process for generating a meterpreter payload for an android device is very simple. However actually deploying this 'malware' payload to android devices in the wild may be a bit of a different story. Likely it would take plenty […]

Write-Up: IMF: 1 – ArcSecurity>NET

okay so lets get started a vulnhub hosted CTF target.. Welcome to "IMF", my first Boot2Root virtual machine. IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. I […]

Write-up: /dev/random: Sleepy

So to start off my new series of articles "Garden of Badb" we will begin with a full write-up of a publicly available vuln-hub virtual machine image sleepy. Lets Get Started! Setting up the labnet okay so we are dealing with a know vulnerable target, from a respectable source; however just to be safe we […]

Vulnerability Management Maturity

"In order to efficiently protect an IT environment you must know how to efficiently attack one" the inverse is also true "In order to efficiently attack or compromise an IT environment you must know how to build and protect one".   The Battlefield Why do I call it a battlefield? The void in which an […]

Agenda Defined

OSCP Holders Can ... Taken from the Offensive Security web site the following statements defines what the Offensive-Security Holder can do. 1- Use multiple information gathering techniques to identify and enumerate targets running various operating systems and services. 2- Write basic scripts and tools to aid in the penetration testing process. 3- Analyze, correct, modify, […]

Call in the Tiger Team

Let me start out this article with a simple disclaimer... This article is by no means an all inclusive authority of information in regards to the concept of 'Red Teaming'. This is only a digestive conclusion of my own thoughts and ideas on the subject. Most of the information included in my digest comes from […]

Offensive Security | Penetration Testing with Kali Linux & OSCP Certification

Not Just Another Technical Certification Offensive Security Certified Professional Certification is self proclaimed to be the first hands-on offensive information security certification. built and designed to occupancy the Offensive-Security Penetration Testing with Kali Linux course as well as challenge OSCP students to prove they have a clear and practical understanding of the penetration testing process […]