Categories
Security

EternalBlue

In this post I’m going to do a quick walkthough of EternalBlue, which was developed to exploit a vulnerability in the SMB protocol on Microsoft Windows operating systems leading to remote code execution. EternalBlue was used in the WannaCry and NotPetya cyber attacks that caused billions of dollars worth of damage. The purpose of this […]

Categories
Capture The Flag

The Office: Doomsday Device Writeup

It’s been a few weeks since I’ve done one of these. I found this box on Vulnhub, and considering I’m a big fan of The Office, I had to give it a go. This vulnerable machine is based on an episode of The Office where Dwight Schrute implements a Doomsday device to send incriminating information […]

Categories
Capture The Flag

WebDeveloper 1 Writeup

Keeping with the spirit of hacking into things, I wanted to do another walkthrough of a vulnerable box from VulnHub called WebDeveloper 1. Mainly because it’s fun, and it’s good practice. Using netdiscover in Kali, I’ve determined the target IP address is 10.0.2.30, with the Kali Linux box itself being 10.0.2.29. Proceeding with an nmap […]

Categories
Capture The Flag

Kioptrix Writeup

Ethical Hacking is an essential part of a good cyber security program, knowing how cybercriminals can attack your networks and computers allows you to better defend your systems. For example, knowing which vulnerabilities are present by regularly scanning your network with a tool like Nessus is an important part of the process, but what can […]

Categories
Capture The Flag

Rickdiculously Easy Writeup

Welcome to another vulnhub box writeup. This time I’m trying ‘Rickdiculously Easy’ which is a Rick and Morty themed box. I love Rick and Morty, so how could I not give this one a go! This is a CTF style box, so there’s a bunch of flags to collect as well as compromising the server. […]

Categories
Cloud Computing

Automating Server Deployments in AWS with Terraform

Previously I discussed deploying Enterprise Linux in AWS which I demonstrated by using the AWS console. This is a common way to deploy servers to the cloud, however doing server deployments manually can create a situation where you’re stuck with static images that are difficult to replicate when your infrastructure grows. One of the benefits […]

Categories
Security

Vulnerability Scanning with Nessus

All software has bugs. Everyone has experienced waiting for your laptop, tablet or phone to install some critical update, or had their computer crash with a spinning wheel of death or blue screen. Bugs in software are generally faults in the programming code or mistakes in the logic of the code. Programmers make mistakes, programming […]

Categories
Security

Setting up a Cyber Security Lab

This post is a brief outline on setting up a home lab for Ethical Hacking, Penetration Testing and Cyber Security research. I’ll use the steps in this article as a base for future articles on more in-depth techniques. There’s already plenty of existing articles and tutorials about this kind of stuff and everyone has their […]

Categories
System Administration

Managing Linux servers with Ansible

Ansible is an open source, configuration management and automation tool sponsored by Red Hat. Ansible lets you define the state that your servers should be in using YAML and then proceeds to create that state over SSH. For example, the state might be that the Apache web server should be present and enabled. The great […]