It’s been a few weeks since I’ve done one of these. I found this box on Vulnhub, and considering I’m a big fan of The Office, I had to give it a go. This vulnerable machine is based on an episode of The Office where Dwight Schrute implements a Doomsday device to send incriminating information […]
Previously I discussed deploying Enterprise Linux in AWS which I demonstrated by using the AWS console. This is a common way to deploy servers to the cloud, however doing server deployments manually can create a situation where you’re stuck with static images that are difficult to replicate when your infrastructure grows. One of the benefits […]
Categories
Deploying Enterprise Linux in AWS
In a previous post I discussed installing Enterprise Linux in VMWare, this time I wanted to write about deploying a server to the cloud. Cloud Computing platforms like Amazon’s AWS allow you to build and run all kinds of Infrastructure and services on-demand without having to purchase and maintain expensive physical computing hardware. You can […]
Categories
EternalBlue
In this post I’m going to do a quick walkthough of EternalBlue, which was developed to exploit a vulnerability in the SMB protocol on Microsoft Windows operating systems leading to remote code execution. EternalBlue was used in the WannaCry and NotPetya cyber attacks that caused billions of dollars worth of damage. The purpose of this […]
Categories
Rickdiculously Easy Writeup
Welcome to another vulnhub box writeup. This time I’m trying ‘Rickdiculously Easy’ which is a Rick and Morty themed box. I love Rick and Morty, so how could I not give this one a go! This is a CTF style box, so there’s a bunch of flags to collect as well as compromising the server. […]
Categories
WebDeveloper 1 Writeup
Keeping with the spirit of hacking into things, I wanted to do another walkthrough of a vulnerable box from VulnHub called WebDeveloper 1. Mainly because it’s fun, and it’s good practice. Using netdiscover in Kali, I’ve determined the target IP address is 10.0.2.30, with the Kali Linux box itself being 10.0.2.29. Proceeding with an nmap […]
Categories
Kioptrix Writeup
Ethical Hacking is an essential part of a good cyber security program, knowing how cybercriminals can attack your networks and computers allows you to better defend your systems. For example, knowing which vulnerabilities are present by regularly scanning your network with a tool like Nessus is an important part of the process, but what can […]
Categories
Vulnerability Scanning with Nessus
Tenable Nessus is an industry standard vulnerability scanner that can be installed for free for basic network scanning. I’ve also had the opportunity to deploy Nessus agents across a fleet of hundreds of Linux servers and run extensive scans from Tenable cloud. In this article I’ll describe setting up Nessus in Linux to scan remote […]
Categories
Setting up a Cyber Security Lab
This post is a brief outline on setting up a home lab for Ethical Hacking, Penetration Testing and Cyber Security research. I’ll use the steps in this article as a base for future articles on more in-depth techniques. There’s already plenty of existing articles and tutorials about this kind of stuff and everyone has their […]
This post will demonstrate setting up an OpenLDAP Server for user authentication on Enterprise Linux. OpenLDAP is an implementation of the Lightweight Directory Access Protocol and is often used for user identity and authorisation services in corporate environments. I’ve previously demonstrated setting up an Enterprise Linux virtual machine, so if you haven’t already done so […]