IT Security & Hacking
Phishing emails have been around since the 1990s. Why do people continue to use them as an attack vector? Because, sometimes, they work. Traditionally, of course, they came in the form of a Prince of a far-off land asking you for bank details so that they could transfer you their millions, offering you a cut …
Improving your security posture can be a daunting task, especially if you're not particularly tech savvy, so here are some quick wins to get you started, that I figure you can probably do within about 10 minutes. Automatic Updates Whether it's your phone, a Windows computer, a Macbook or your Smart TV, one of the …
Teacher is my 30th machine on HackTheBox. User access is gained through finding partial credentials, fuzzing the password and then exploiting a hole in the Moodle software to leverage code execution and get a reverse shell. This initial access is then escalated from www-data to a userful user account using SQL database credentials found in …
Access is the 29th machine I attempted on HackTheBox. User Access is gained through reading a MS Access database to get the password to a zipped file. Root access is gained by exploiting stored credentials. User Access I started, as I always do, with the nmapautomator script that the wonderful 21yfd made available on GitHub …
Active, the 28th machine I attempted on HackTheBox, is a relatively easy box but with some bits that you can learn if you don't know much about exploiting Active Directory and Kerberos. User Access I started, as I always do, with the nmapautomator script that the wonderful 21yfd made available on GitHub and shared in …
A more in depth report will come later, as I found myself too wrapped up in actually doing the OSCP material and labs to write up as I was going along, but after two attempts and a total of about 60 hours without sleep, I passed the OSCP exam and am officially an Offensive Security …
I got approval from work to actually book myself on to the OSCP and my course begins on the 24th March. I get three months of lab access and one attempt at the assessment. Very excited but also a little scared as everything I have read and heard about this course makes it sound like …
Everybody thinks they know what a hacker is. Someone sat in their parents' basement typing away and hoping to gain access to someone else's computer. This is probably mostly accurate. Along with these hackers (often known as "black hat" hackers), there are "white hat" hackers, or ethical hackers, who learn the skills that black hat …
Forms of encryption were invented long before the advent of the computer. Julius Caesar (100 BC – 44 BC) is said to have user a cipher to communicate with his armies and, while the complexity of encryption has increased exponentially, its purpose remains the same as it did over 2,000 years ago; to prevent unauthorised …
Tales from the Encrypt 