Blog Posts
Dec 14, 2021, 7 min read
Exploiting log4j | Apache Solr
Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
Mar 18, 2023, 7 min read
Manually unpacking a UPX packed binary
Manually unpacking a binary that was packed with UPX, using two different methods, including finding the tail jump and the pushad instruction.
Nov 20, 2022, 3 min read
Ransomware investigation using Splunk - BlackSun
In this write up, we will be assuming the role of a SOC analyst investigating a ransomware incident using Splunk. The task is to...
Nov 20, 2022, 5 min read
IcedID malware analysis
Malware analysis of an IcedID dropper contacting the hxxps[://]hardenpasedaken[.]com C&C server.
Aug 31, 2022, 6 min read
Silly Putty Malware Analysis
After completing the PMAT course, something set into motion: my newfound passion for Malware Analysis. This will be the second time I...
Aug 24, 2022, 5 min read
Python bank card stealer
Over the past couple of months I have dived deep into malware analysis and reverse engineering. Completing the PMAT course and enrolling...
Jun 26, 2022, 3 min read
McAfee quarantine files - Automating BUP file analysis
Quarantine (.BUP) files, otherwise known as BackUp files, are created by various applications such as McAfee antivirus. McAfee will...
Jan 16, 2022, 3 min read
Post compromise analysis | Overpass 2
In this write up, we will be playing the role of an incident responder, post compromise of a system. The task is to identify what the...
Jan 9, 2022, 4 min read
Unleashing the Power of Hydra for Brute Force Login Attacks
Hydra is a very powerful and fast password cracking tool which can also perform dictionary attacks against a wide range of protocols such...
Dec 8, 2021, 6 min read
Enumerating Active Directory using BloodHound
90% of the Global Fortune 1000 companies use Active Directory as their primary method of authentication and authorization. This plays a...
Nov 28, 2021, 4 min read
Exploiting EternalBlue | MS17-010
In this blog we will be walking through a machine from the Cybermentors course; Practical Ethical Hacking (PEH). The main lesson from this...
Nov 18, 2021, 3 min read
Golden Ticket attacks
Once we have compromised a Domain Controller we want to gain a level of persistence on the domain. We can do this by crafting Golden Tickets.
Nov 18, 2021, 4 min read
Attacktive Directory
This will be my first of many Active Directory themed blogs focused around exploitation. I have recently been exposed to a lot of Active...
Nov 11, 2021, 6 min read
Analysing a Phishing Kit
In this blog post, we will be analysing a very recent Phishing Kit that was found to be active last month. We will be taking a look at...
Nov 4, 2021, 6 min read
Academy
This is my first blog post walking through a machine from the Cybermentors course Practical Ethical Hacking (PEH). This is one of the...
Sep 24, 2021, 5 min read
What happens when a Cyber Security analyst is sent a phishing text?
This blog post is my first post on the topic of Phishing where I try to analyse an SMS Phishing text, not in great technical detail but...
May 21, 2021, 4 min read
Malicious office macro analysis
In this blog post, we will be creating a malicious macro that allows us to catch a reverse shell when a Word document is opened. We will...
Mar 22, 2021, 6 min read
Exploit development BOF
Buffer Overflow. This blog post is my attempt to explain how to perform a buffer overflow in preparation for the OSCP. I have...
Aug 18, 2019, 3 min read
How to get started in Cyber Security 2021
The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't...