Blog Posts
2021
- 2021 Metasploit Community CTF Writeup Dec 6
- WeCTF 2021 CSP1 Challenge Writeup Jun 20
- HTB Cyber Apocalypse (2021) Writeup for Web Challenges Apr 23
- 2021 BSidesSF Writeup for Web and Cloud Challenges Mar 8
- Getting a Job in Infosec: From Noob to OSCP to Hired in 434 Days Mar 6
- LED Therapy: Intro to Hardware Hacking Using the Neutrogena Light Therapy Mask Jan 31
2019
- TUCTF 2019: Web Challenges Dec 1
- So, You Want to CTF? (A Beginner’s Guide to CTFing) Nov 10
- Pwnable.kr: ‘mistake’ Walkthrough Oct 13
- Hack In Paris 2019 CTF – “Meet Your Doctor” (GraphQL challenge) Jun 21
- HackTheBox “Lame” (Retired) Walkthrough Jun 3
- OOO DEF CON CTF 2019 Quals – “can’t even unplug it” May 24
- SunshineCTF: Wrestler Name Generator Apr 2
- b00t2root CTF: EasyPhp Mar 30
- MITRE CTF: Cyber Challenge 2019 Mar 17
- Microcorruption (Embedded Security CTF): Chernobyl Feb 4
- Microcorruption (Embedded Security CTF): Lagos Jan 19
- Microcorruption (Embedded Security CTF): Bangalore Jan 14
- Burp Suite for Beginners Part 2: Spider, Intruder and Repeater Jan 12
- Burp Suite for Beginners Part 1: Setup and Target/Proxy Tools Jan 12
- Microcorruption (Embedded Security CTF): Vladivostok Jan 7
- Microcorruption (Embedded Security CTF): Algiers Jan 5
- Microcorruption (Embedded Security CTF): Novosibirsk Jan 2
2018
- Using CSV Injection to Save KringleCon Christmas Dec 29
- Microcorruption (Embedded Security CTF): Addis Ababa Dec 19
- Microcorruption (Embedded Security CTF): Jakarta Dec 18
- Microcorruption (Embedded Security CTF): Santa Cruz Dec 17
- Microcorruption (Embedded Security CTF): Montevideo Dec 16
- Microcorruption (Embedded Security CTF): Whitehorse Dec 15
- Microcorruption (Embedded Security CTF): Reykjavik Dec 14
- Microcorruption (Embedded Security CTF): Cusco Dec 13
- Microcorruption (Embedded Security CTF): Johannesburg Dec 12
- Microcorruption (Embedded Security CTF): Hanoi Dec 11
- Microcorruption (Embedded Security CTF): Sydney Dec 10
- Microcorruption (Embedded Security CTF): New Orleans Dec 9
- TUCTF “Danger Zone”: Python, Reversing, and Kenny Loggins Nov 27
- TUCTF’s Ready Player One Challenges (hint: git is your friend) Nov 26
- TUCTF Meets Clue Nov 26
- CompTIA Security+: Public Key Infrastructure Nov 15
- CompTIA Security+: Wireless Security Nov 15
- CompTIA Security+: Cryptographic Algorithms Nov 15
- CompTIA Security+: Cryptographic Concepts Nov 14
- CompTIA Security+: Data Security and Privacy Practices Nov 14
- CompTIA Security+: Digital Forensics Nov 13
- CompTIA Security+: Incident Response, Disaster Recovery and Continuity of Operations Nov 13
- CompTIA Security+: Risk Management and Business Impact Analysis Nov 13
- CompTIA Security+: Policies, Plans and Procedures Nov 13
- CompTIA Security+: Identity and Access Management Controls Nov 13
- CompTIA Security+: Identity and Access Services Nov 13
- CompTIA Security+: Identity, Access and Accounts Nov 12
- CompTIA Security+: Physical Security Controls Nov 12
- CompTIA Security+: Resiliency and Automation Strategies Nov 12
- CompTIA Security+: Cloud and Virtualization Nov 11
- CompTIA Security+: Application Development and Deployment Nov 11
- CompTIA Security+: Embedded Systems Nov 11
- CompTIA Security+: Secure Systems Design and Deployment Nov 10
- CompTIA Security+: Architecture Frameworks and Secure Network Architecture Nov 10
- CompTIA Security+: Implementing Secure Protocols Nov 9
- CompTIA Security+: Mobile Devices Nov 8
- CompTIA Security+: Troubleshooting Common Security Issues Nov 5
- CompTIA Security+: Security Tools and Technologies Nov 5
- CompTIA Security+: Network Components Nov 5
- CompTIA Security+: Vulnerabilities and Impacts Oct 8
- CompTIA Security+: Vulnerability Scanning and Penetration Testing Oct 5
- CompTIA Security+: Threat Actors Oct 3
- CompTIA Security+: Cryptographic Attacks Oct 2
- CompTIA Security+: Wireless Attacks Oct 2
- CompTIA Security+: Application/Service Attacks Oct 1
- CompTIA Security+: Social Engineering Attacks Sep 30
- CompTIA Security+: Malware and Indicators of Compromise Sep 30
- Studying for the CompTIA Security+ Exam: What and Why Sep 29
- Pwnable.kr: ‘input’ Walkthrough Jun 10
- Pwnable.kr: ‘random’ Walkthrough Jun 7
- Pwnable.kr: ‘passcode’ Walkthrough Jun 7
- Pwnable.kr: ‘flag’ Walkthrough Jun 3
- Pwnable.kr: ‘bof’ Walkthrough Jun 2
- Pwnable.kr: ‘collision’ Walkthrough Jun 2
- Pwnable.kr: ‘fd’ Walkthrough Jun 1
- Reconnaissance: the What, Why and How of Information Gathering Jun 1
- MetaGooFil: Scraping Google For File MetaData So You Don’t Have To May 31
- Extracting Info from DNS Servers May 31
- What is WHOIS, and How to Use It (Plus GDPR, of course) May 29
- The Harvester: A Python Script for Finding Email Addresses May 29
- Google “Hacking” for Penetration Testers (DEFCON 13) May 28
- Learning “Google-Fu”: Google Directives for Penetration Testers May 28
- Website Copying and Offline Browsing with HTTrack May 27
- What is Penetration Testing? Apr 20
- How HTTP Works: A Quick Primer Apr 19
- A Quick SHA Primer Apr 17
- How TCP Handshakes Work Apr 16
- MAC Addresses Apr 9
- The OSI Model Apr 8
- Diffie-Hellman, Explained Apr 5