Exploiting log4j | Apache Solr
Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
top of page
Blog Posts
- Mar 18
- 7 min
Manually unpacking a UPX packed binary
Manually unpacking a binary that was packed with UPX, using two different methods including finding a tailjump and the pushad instruction.
380 views0 comments
- Sep 1, 2022
- 6 min
Silly Putty Malware Analysis
After completing the PMAT course, something set into motion. My new found passion for Malware Analysis. This will be the second time I...
44 views1 comment
- Aug 24, 2022
- 5 min
Python bank card stealer
Over the past couple of months I have dived deep into malware analysis and reverse engineering. Completing the PMAT course and enrolling...
79 views0 comments
- Jun 26, 2022
- 3 min
McAfee quarantine files - Automating BUP file analysis.
Quarantine (.BUP) files, otherwise known as BackUp files, are created by various applications such as McAfee antivirus. McAfee will...
235 views0 comments
- Jan 16, 2022
- 3 min
Post compromise analysis | Overpass 2
In this write up, we will be playing the role of an incident responder, post compromise of a system. The task is to identify what the...
40 views0 comments
- Jan 9, 2022
- 4 min
How to use Hydra to brute force login forms.
Hydra is a very powerful and fast password cracking tool which can also perform dictionary attacks against a wide range of protocols such...
10,018 views0 comments
- Dec 14, 2021
- 7 min
Exploiting log4j | Apache Solr
Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
5,706 views0 comments
- Dec 8, 2021
- 6 min
Enumerating Active Directory using BloodHound.
90% of the Global Fortune 1000 companies use Active Directory as their primary method of authentication and authorization. This plays a...
898 views0 comments
- Nov 28, 2021
- 4 min
Exploiting EternalBlue | MS17-010
In this blog we will be walking though a machine from the Cybermentors course; Practical Ethical Hacking (PEH). The main lesson from this...
848 views0 comments
- Nov 18, 2021
- 3 min
Golden Ticket attacks
Once we have compromised a Domain Controller we want to gain a level of persistence on the domain. We can do this by crafting Golden-Tickets
46 views0 comments
- Nov 18, 2021
- 4 min
Attacktive Directory
This will be my first of many Active Directory themed blogs focused around exploitation. I have recently been exposed to a lot of Active...
196 views0 comments
- Nov 11, 2021
- 6 min
Analysing a Phishing Kit
In this blog post, we will be analysing a very recent Phishing Kit that was found to be active last month. We will be taking a look at...
66 views0 comments
- Nov 4, 2021
- 6 min
Academy
This is my first blog post walking through a machine from the Cybermentors course Practical Ethical Hacking (PEH). This is one of the...
160 views0 comments
- Sep 24, 2021
- 5 min
What happens when a Cyber Security analyst is sent a phishing text?
This blog post is my first post on the topic of Phishing where I try to analyse an SMS Phishing text, not in great technical detail but...
26 views0 comments
- May 22, 2021
- 4 min
Malicious office macro analysis
In this blog post, we will creating a malicious macro that allows us to catch a reverse shell when a word document is opened. We will...
39 views0 comments
- Mar 22, 2021
- 6 min
Exploit development BOF
Buffer Overflow This blog post is my attempt in trying to explain how to perform a buffer overflow in preparation for the OSCP. I have...
405 views0 comments
- Aug 18, 2019
- 3 min
How to get started in Cyber Security 2021
The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't...
64 views1 comment
bottom of page