drsh0's llog

my learning log; notes on cybersec activities, ctfs, and ill-equipped cyber adventures. Consume responsibly.

In 2021, there are a lot of great tools, both online and offline, that are available for technical note taking and knowledge management. In this post I will describe how I use Joplin to meet both my note and wiki needs.

#notes #notetaking #wiki #knowledgemanagement

Read more...

ðŸ›Ą ðŸ”ĩ blue team resources

A curated list of defensive security courses and labs. The aim was to start documenting the new blue team & defensive security platforms that are being made available to students.

https://airtable.com/shrb5vu4HsQrNwvJN

ðŸ•ļ Mindmaps

Red Canary 2021 Threat Detection Report

Click here to expand the mindmap

If you have a spare router compatible with OpenWrt, an existing home wireless network, and want to utilise this wireless network for non-wifi enabled devices via ethernet – then this post may be helpful.

#openwrt #networking #wifi

Read more...

General writeup notes for Pentesterlab's Serialize badge. This post does not contain any spoilers. This is just information collected by me to understand the exercises better.

TODO – XMLDecoder – CVE-2016-0792 – ObjectInputStream – CVE-2013-0156: Rails Object Injection – API to Shell

#web #pentesterlab #Serialize

Read more...

difficulty: easy
status: retired
platform: linux
ip: 10.10.10.3
URI: https://www.hackthebox.eu/home/machines/profile/1
Read more...

🔗 https://capture.tf/

Another year of a fantastic WA based CTF made by the community for the community. As always, a lot was enjoyed, keyboards were mashed, and much was learnt. Thanks to all the organisers for making this so special. Only regret is not being able to play in person at Perth ðŸ˜Ē.

Read more...

source: https://pentesterlab.com/badges/recon – no spoilers!

Read more...

Get started with Cyber Security in 25 Days – Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.

https://tryhackme.com/room/adventofcyber2

Here are my writeups! Happy Holidays folks 🎄

Read more...

URI: https://www.vulnhub.com/entry/bossplayersctf-1,375/ Difficulty: Easy

Aimed at Beginner Security Professionals who want to get their feet wet into doing some CTF's. It should take around 30 minutes to root.

Read more...

URI: https://www.vulnhub.com/entry/funbox-2-rockie,520/ Difficulty: Easy

Boot2Root ! This can be a real life scenario if rockies becomes admins. Easy going in round about 15 mins. Bit more, if you are find and stuck in the rabbit-hole first.

Read more...