Exploiting log4j | Apache Solr
Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
top of page
Blog Posts
- Mar 18
- 7 min
Manually unpacking a UPX packed binary
Manually unpacking a binary that was packed with UPX, using two different methods including finding a tailjump and the pushad instruction.
1100
- Nov 20, 2022
- 3 min
Ransomware investigation using Splunk - BlackSun
In this write up, we will be assuming the role of a SOC analyst investigating a ransomware incident using Splunk. The task is to...
380
- Nov 20, 2022
- 5 min
IcedID malware analysis
Malware analysis of an IcedID dropper contacting hxxps[://]hardenpasedaken[.]com C&C server.
1330
- Sep 1, 2022
- 6 min
Silly Putty Malware Analysis
After completing the PMAT course, something set into motion. My new found passion for Malware Analysis. This will be the second time I...
291
- Aug 24, 2022
- 5 min
Python bank card stealer
Over the past couple of months I have dived deep into malware analysis and reverse engineering. Completing the PMAT course and enrolling...
570
- Jun 26, 2022
- 3 min
McAfee quarantine files - Automating BUP file analysis.
Quarantine (.BUP) files, otherwise known as BackUp files, are created by various applications such as McAfee antivirus. McAfee will...
710
- Jan 16, 2022
- 3 min
Post compromise analysis | Overpass 2
In this write up, we will be playing the role of an incident responder, post compromise of a system. The task is to identify what the...
90
- Jan 9, 2022
- 4 min
How to use Hydra to brute force login forms.
Hydra is a very powerful and fast password cracking tool which can also perform dictionary attacks against a wide range of protocols such...
2,0910
- Dec 14, 2021
- 7 min
Exploiting log4j | Apache Solr
Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
3,8620
- Dec 8, 2021
- 6 min
Enumerating Active Directory using BloodHound.
90% of the Global Fortune 1000 companies use Active Directory as their primary method of authentication and authorization. This plays a...
2580
- Nov 28, 2021
- 4 min
Exploiting EternalBlue | MS17-010
In this blog we will be walking though a machine from the Cybermentors course; Practical Ethical Hacking (PEH). The main lesson from this...
2830
- Nov 18, 2021
- 3 min
Golden Ticket attacks
Once we have compromised a Domain Controller we want to gain a level of persistence on the domain. We can do this by crafting Golden-Tickets
330
- Nov 18, 2021
- 4 min
Attacktive Directory
This will be my first of many Active Directory themed blogs focused around exploitation. I have recently been exposed to a lot of Active...
490
- Nov 11, 2021
- 6 min
Analysing a Phishing Kit
In this blog post, we will be analysing a very recent Phishing Kit that was found to be active last month. We will be taking a look at...
170
- Sep 24, 2021
- 5 min
What happens when a Cyber Security analyst is sent a phishing text?
This blog post is my first post on the topic of Phishing where I try to analyse an SMS Phishing text, not in great technical detail but...
230
- May 22, 2021
- 4 min
Malicious office macro analysis
In this blog post, we will creating a malicious macro that allows us to catch a reverse shell when a word document is opened. We will...
320
- Mar 22, 2021
- 6 min
Exploit development BOF
Buffer Overflow This blog post is my attempt in trying to explain how to perform a buffer overflow in preparation for the OSCP. I have...
810
- Aug 18, 2019
- 3 min
How to get started in Cyber Security 2021
The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't...
581
bottom of page