Configure a Web Server in Docker with an Nginx Reverse Proxy In this blog, I'll provide an overview of how to set up a web server in Docker and use an Nginx proxy to route traffic to the web application. It
ctf DEADFACE CTF 2022 Every year, Cyber Hacktics and CyberUp organize a Capture-the-Flag (CTF) event in support of National Cyber Security Awareness Month. Competitors will play on teams of up to four players and must solve challenges relating to various cybersecurity categories.
ctf DEADFACE CTF 2021 This October, Cyber Hacktics and CyberUp will once again be hosting a CTF in support of National Cyber Security Awareness Month! Formerly Hacktober CTF, the title of this year's CTF is DEADFACE CTF.
phishing Avoid Phishing by Knowing the Signs It's easy to be fooled by phishing attacks if you don't know how to detect the signs that you're being phished. In this blog, I'll dissect a real-world phishing email that was sent to me personally and highlight all of the warning signs in the email.
Virtual Machine Tips & Tricks: Transferring Files During CTFs or penetration testing, it's imperative to know a variety of methods for transferring files between different machines and operating systems.
steganography Hiding Information by Manipulating an Image's Height In this blog, I'll demonstrate how this can be accomplished and what it might possibly look like in real-world application.
Hacktober 2020 CTF Wrap Up This blog is a follow-up to the Hacktober 2020 CTF blog I wrote back in August. We anticipated about 300 players this year and - as mentioned in the previous paragraph - we far exceeded that. In this blog, I'll go over some of the successes and lessons learned from this event.
hacktober Passing SSH Users to Unique Docker Containers In this blog, I'll go over step-by-step instructions showing how I created the Talking to the Dead Linux challenges.
Hacktober 2020 CTF This October, Cyber Hacktics and CyberUp will be hosting this year's Hacktober CTF in support of National Cyber Security Awareness Month!
volatility Carving Sensitive Information from Memory with Volatility In this blog, I'll demonstrate how to carve out a malicious executable found in a memory dump file. I'll also show how to extract password hashes and crack the password from the hash.
volatility Memory Forensics on Windows 10 with Volatility Volatility is a tool that can be used to analyze a volatile memory of a system. With this easy-to-use tool, you can inspect processes, look at command history, and even pull files and passwords from a system without even being on the system!
python Build a Caesar Cipher in Python The Caesar cipher comes from its namesake: Julius Caesar. It's an antiquated method of encoding a message simply by shifting the characters of the alphabet. With Python, we can easily create our own program to encode and decode messages using a Caesar Cipher.
ctf Kaizen CTF - Watering Hole The Watering Hole category of challenges were one of the first set of challenges in the event. They required diverse techniques that ranged from amateur to moderate skill level.
ctf Kaizen CTF - Getting Started Kaizen CTF is an event developed and hosted by Booz Allen Hamilton. It's a CTF designed to provide multi-layered, non-obvious vulnerabilities using techniques in forensics, web exploitation, scripting, and reverse engineering.
NeverLAN CTF - Look Into the Past Look Into the Past was a fun challenge that gave players a zipped copy of a Linux machine's file system. The goal of this challenge was to find the flag
ctf KringleCon 2019 - The Holiday Hack Trail The Holiday Hack Trail was a fun little spin on the classic game we all failed miserably at as kids: The Oregon Trail. It was a fun challenge designed to
ctf KringleCon 2019 - Frosty Keypad Frosty Keypad was a fun challenge designed to simulate breaking through physical security by brute-forcing a keypad.
education Set Up Safe Browsing for Your Kids The internet is a scary place, but there are ways you can protect them from stumbling into the dark corners of the internet!
ctf SwampCTF - Last Transmission Last Transmission is another steganography challenge. It's not as sophisticated as some of the others - but its point value was low, so that's to be expected. This one actually
ctf SwampCTF - Leap of Faith This is another steganography challenge that required the use of several tools atypical of traditional steganography. I found this one very challenging at first, and it required a lot of
ctf SwampCTF - Neo Neo is the first challenge I solved in SwampCTF. This challenge was worth 50 points and was definitely one of the easier challenges to solve. -------------------------------------------------------------------------------- Accessing the Challenge Clicking
ctf KringleCon 2018 - Lethal ForensicELFication Lethal ForensicELFication was another very easy challenge that demonstrated how vim stores its history. This challenge was definitely designed for beginners - and there's nothing wrong with that! It was
ctf KringleCon 2018 - Stall Mucking Report Stall Mucking Report involved uploading a document to an SMB share. The catch: the NPC doesn't give you the username or the password. This challenge was also fairly easy, and
ctf KringleCon 2018 - The Name Game The Name Game was a fun challenge that required players to combine code injection and some basic SQL commands. Being fond of databases myself, I really enjoyed this challenge. It
SANS KringleCon 2018 - Essential Editor Did you participate in this year's SANS Holiday Hack challenge, otherwise known as KringleCon? Well, this year I've decided to create a write-up for their challenges. Check it out here!