HolidayHack &mdash; drsh0's llog https://drsh0.writeas.com/tag:HolidayHack my learning log; notes on cybersec activities, ctfs, and ill-equipped cyber adventures. Consume responsibly. Sun, 26 Apr 2026 19:23:16 +0000 https://i.snap.as/v7Oo2ci6.png HolidayHack &mdash; drsh0's llog https://drsh0.writeas.com/tag:HolidayHack SANS Holiday Hack Challenge 2020 https://drsh0.writeas.com/sans-holiday-hack-challenge-2020?pk_campaign=rss-feed <![CDATA[https://holidayhackchallenge.com/2020/ Updating this as soon as the event starts in mid-December 2020 ๐ŸŽ„ !--more-- Resources cheatsheet #sans #holidayhack #ctf #kringlecon]]> https://holidayhackchallenge.com/2020/

Updating this as soon as the event starts in mid-December 2020 ๐ŸŽ„

Resources

cheatsheet

#sans #holidayhack #ctf #kringlecon

]]> https://drsh0.writeas.com/sans-holiday-hack-challenge-2020 Tue, 01 Dec 2020 02:24:41 +0000 SANS KringleCon / Holiday Hack 2019 https://drsh0.writeas.com/sans-kringlecon-holiday-hack-2019?pk_campaign=rss-feed <![CDATA[Talks John Strand, Keynote: A Hunting We Must Go Interval, con time, data size. Holes in an org are just as important to detect as threat actors. Deception time + Reaction time < Time to perform attack. Katie Knowles, How to (Holiday) Hack It: Tips for Crushing CTFs & Pwning Pentests Recon - ID Vuln - ID Exploit - Test - New Info Integrate 1. Understanding the Problem Drawing is a useful way to visualise a problem e.g.: img src="https://i.snap.as/kAC3wJ7.png" width="400"/ credit: Katie Knowles 2. Plan Google things; look for other things that are similar. Having a list of things that we've done and then ensuring all bases are covered in each step e.g. all ports checked, UDP as well? 3. Carry out the plan 4. Looking Back Record your steps, useful links, wiki. Snow, Santaโ€™s Naughty List: Holiday Themed Social Engineering Tools rita - tool to check for beacons Zeek Url Crazy - typosquatting #socialengineering #CTF #SANS #HolidayHack #KringleCon2019]]> Talks

John Strand, Keynote: A Hunting We Must Go

  • Interval, con time, data size.
  • Holes in an org are just as important to detect as threat actors.
  • Deception time + Reaction time < Time to perform attack.

Katie Knowles, How to (Holiday) Hack It: Tips for Crushing CTFs & Pwning Pentests

  • Recon โ€“> ID Vuln โ€“> ID Exploit โ€“> Test โ€“> New Info Integrate

1. Understanding the Problem

  • Drawing is a useful way to visualise a problem e.g.:

credit: Katie Knowles

2. Plan

  • Google things; look for other things that are similar.
  • Having a list of things that we've done and then ensuring all bases are covered in each step e.g. all ports checked, UDP as well?

3. Carry out the plan

4. Looking Back

  • Record your steps, useful links, wiki.

Snow, Santaโ€™s Naughty List: Holiday Themed Social Engineering

Tools

#CTF #SANS #HolidayHack #KringleCon2019

]]> https://drsh0.writeas.com/sans-kringlecon-holiday-hack-2019 Sun, 15 Dec 2019 03:21:58 +0000