Hunting Pastebin with PasteHunter

From a security analytics and threat intelligence perspective, Pastebin is a treasure trove of information. All content that is uploaded to Pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone. tl;dr: Using YARA rules to find and save interesting data from Pastebin: https://github.com/kevthehermit/PasteHunter Hackers and script kiddies are quick to… Read more »

VulnHub Proteus Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Proteus Intro An Easy / Intermediate level CTF from https://twitter.com/viljoenivan This one takes on the appearance of a corporate malware analysis platform, and the description suggests we cannot simply compile a kernel exploit to get root… Read more »

VulnHub DonkeyDocker Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Donkey Docker Intro An Easy / Intermediate level CTF from @dhn_ Link – https://www.vulnhub.com/entry/donkeydocker-1,189/ Difficulty – Easy / Intermediate My Solution As always we start with an nmap scan. root@kali:~/Desktop/setec-vpn# nmap -p- -sV -A 192.168.5.60 Starting Nmap 7.40… Read more »

VulnHub Orcus Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Orcus Intro This is the last of 3 incrementally difficult CTFs created for HackFest 2016 by @ViperBlackSkull and released on the VulnHub platform. Link – https://www.vulnhub.com/entry/hackfest2016-orcus,182/ Difficulty – Hard My Solution As always, start with an Nmap scan to see… Read more »

VulnHub Sedna Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Sedna Intro This is the second of 3 incrementally difficult CTFs created for HackFest 2016 by @ViperBlackSkull and released on the VulnHub platform. Link – https://www.vulnhub.com/entry/hackfest2016-sedna,181/ Difficulty – Medium My Solution As always, start with an Nmap scan to… Read more »

VulnHub hackfest2016: Quaoar Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Quaoar Intro This is the first of 3 incrementally difficult CTFs created for HackFest 2016 by @ViperBlackSkull and released on the VulnHub platform. Link – https://www.vulnhub.com/entry/hackfest2016-quaoar,180/ Difficulty – Very Easy My Solution As always, start with an Nmap scan… Read more »

VulnHub Breach 3 Solution

For background information on this series of CTFs you may want to read this page. Or, if you're just after my solution, please keep reading. Breach 3.0.1 Intro Breach is the third in a series of boot2roots released by mrb3n on the VulnHub platform. It follows on from 2 previous challenges and maintains the same scenario. We are advised to keep our… Read more »

Resurrecting SpearPhisher

A couple of years ago I was looking for something that could generate some spear phishing emails I could use to test some of our network defenses and later could be used as part of a Red Team exercise. At the time I couldn’t find anything I really liked that balanced features, cost and ease of setup and configuration. I… Read more »

Solving the SANS 2016 Holiday Hack Challenge

tl;dr: SANS released the 2016 Christmas Holiday Hack Challenge. This serves as my official submitted answer, and my offering to you, dear reader, in case you want to see how I approached the challenges. So settle in; this is going to be a long post. At the time of writing the challenge is still live and SANS typically keep the servers… Read more »

VolUtility Release v1.2 – With Authentication Module

VolUtility 1.2 has now been released. If you're not sure what VolUtility is, see https://techanarchy.net/tag/volutility/ The main addition here is the new optional Authentication module. It is disabled by default and can be enabled via the config file. Before enabling the Auth module it will need a small amount of setup that is detailed on the wiki; the basic steps are: cd… Read more »