Offensive Security – Proving Grounds – ClamAV Write-up – No Metasploit

ClamAV is a machine available in the Practice area of the Offensive Security Proving Grounds. This box's difficulty is easy. Let's dive in and take a look. Reconnaissance Starting with an nmap scan enabling all scripts, detecting versions, and outputting all formats to files starting with the string “simple”. Weaponization and Delivery So using this …

Offensive Security – Proving Grounds – Internal Write-up – No Metasploit

Internal is a machine available in the Practice area of the Offensive Security Proving Grounds. This machine was super easy, so I will be focusing on manual exploitation and solid enumeration. Reconnaissance Let's start with some basic enumeration. Here we immediately see our target is “Windows Server (R) 2008 Standard 6001 Service Pack 1”. We …

Offensive Security – Proving Grounds – Bratarina Write-up – No Metasploit

Offensive Security has recently released a new platform for testing your technical skills called the Proving Grounds. This service comes shortly after Offensive Security acquired VulnHub. Within the Proving Grounds you have a choice to hack the “Play” machines for free, or pay the monthly subscription to get access to Offensive Security-created machines. I …

OSCP Buffer Overflow write-up from TryHackMe

TryHackMe recently released a free room created by Tib3rius on the tryhackme.com site for anyone wanting to learn more about exploiting buffer overflows. The room includes a machine that can be deployed with the vulnerable app and the primary tool needed: Immunity Debugger. All exploitation in this write-up is performed remotely using Kali …

Data Exfiltration with Base64

A well-defended network and properly trained security professionals have many opportunities to detect and stop malicious actors. Each layer of activity found in the MITRE ATT&CK Matrix is a chance for the malicious actor to trip an alarm. A malicious cyber attack only needs to be detected and stopped in one of the stages …

OSCP-Voucher-Giveaway-VM – LXC/LXD method – Write-up

Offensive Security Community Manager Tjnull offered up a voucher for the OSCP PWK. For a chance to win the OSCP voucher, participants must download a VM from VulnHub, get root permissions on the VM, and submit the flag to a user in Discord. VulnHub link: https://www.vulnhub.com/entry/infosec-prep-oscp,508/ Let's dig in and see what we can find. Reconnaissance …

HTB Sauna – No Metasploit

This machine is rated easy and was released in February 2020. This machine is rated on the higher end of easy for both user and root. Reconnaissance Let's start by kicking off an Nmap scan running default scripts, version detection, saving outputs, maxing the verbosity, and scanning all TCP ports. One reason for maxing the …

HTB Resolute – No Metasploit

Hack The Box retired Resolute this week. This machine is rated medium and was released in December 2019. Root looks to be much more difficult than user on this one. Let’s see what we can find. Reconnaissance To start things off I start an Nmap scan running default scripts, version detection, saving outputs, maxing the …

How I Passed the PCNSA

What is the PCNSA? The PCNSA stands for Palo Alto Networks Certified Network Security Administrator. This is a mid-level exam provided by Palo Alto that covers the following topics: Security Platform and Architecture; Initial Configuration; Interface Configuration; Security and NAT Policies; App-ID™; Content-ID™; URL Filtering; Decryption; WildFire™; User-ID™; GlobalProtect™; Site-to-Site VPN; Monitoring and Reporting; Active/Passive …

Building a Splunk Dashboard for pfSense

After installing my pfSense firewall a couple of months ago, I have been wanting to get a nice dashboard built in Splunk. I will be building on the Snort configuration found in my last blog reviewing the Netgate-1100. (See Here) In this blog I show how to install and configure the pfSense Splunk application “TA-pfSense” …