HackTheBox: Fuse - OSCP Prep
This is a ‘medium’ rated HTB Windows challenge featuring an interesting PE technqiue, Bring Your Own Vulnerable Driver (BYOVD).
Posts by Category
CTF Writeups
HackTheBox: Forest - OSCP Prep
This is a ‘easy’ rated HTB AD challenge in which we will be enumerating and attacking purely the DC. My offensive AD knowledge isn’t great so I apologise for...
HackTheBox: Knife - OSCP Prep
This was a ‘easy’ rated Linux HTB machine with an interesting CVE initial access vector combined with a simple privilege escalation technique. Let’s begin.
HackTheBox - Sunday - OSCP Prep
This was an easy rated HTB Solaris machine on TJ Null’s OSCP prep list. Let’s begin
HackTheBox - Granny - OSCP Prep (Without Metasploit)
This is an easy rated Windows machine on TJ Null’s OSCP prep list. Due to OSCP restrictions on auto-pwn tools, we will be purposefully doing this challenge w...
TryHackMe: Chill Hack - Detailed Writeup
This was an ‘easy’ rated TryHackMe Linux box. I can’t lie this didn’t seem ‘easy’ to me, however, enjoy the ride!
Defence Evasion
Cloaked in Pixels: Evasion update
Around this time last year I released a blog post which covered an analysis of a PoC steganographic shellcode encoder and runner, which I wrote in Python. Th...
Cloaked in Pixels: Concealing Your Payloads with Steganography
Steganography, the art of concealing information within another photograph, video, or even a physical object, has always intrigued me. As someone deeply pass...
Unmasking Defence Evasion: .NET process injection
Over the past few days, I have been engrossed in researching various defence evasion techniques used by red team operators and APT groups. Specifically, I ha...
Malware Analysis
Cobalt Strike Beacon Dropper Static Analysis
Cobalt Strike, which was originally developed as a legitimate security tool used for adversary emulation by Red Teams, has become a double-edged sword. Malic...