Posts

    2019

    Crikey Con 2019 Free Ticket Challenge

    I was reading a Medium post about the OSCP from Luke Stephens (his Twitter) a few days ago and I noticed he had another article titled “How I Hacked My Way to a Free CrikeyCon Ticket and a New Job”. This looked interesting. It was interesting and I decided to follow Luke on Twitter. I then saw the 2019 edition of the CrikeyCon free ticket challenge and thought it would be a fun idea to give it a shot, whether or not I intended to go in the running for the free ticket itself.

    HackTheBox Curling Writeup

    Curling is an easy rated Linux box on www.hackthebox.eu worth 20 points. This is my second ever box on HTB so I’m still learning the ropes.

    Pi Hole Your Life

    These days most of us use some form of an ad blocker on our web browsers (if you don’t already, uBlock Origin is the place to start). Ads are not only annoying but at times, malicious. It is a good basic security practice to use one on your devices that support it. Unfortunately, when it comes to our mobile devices or smart TVs as an example, there is no / little support for extensions or applications that can perform the same job unless you are prepared to play around with rooting your device or setting up something further upstream.

    Two Factor Authentication with 1Password

    There’s a lot of chatter in the information security community how SMS 2FA is awful, and with all the recent high-profile cases of sim swapping attacks due to useless Telco’s or susceptible employees, you would have good reason to think that. For further reading, see Brian Krebs fairly recent article on an example of why SMS based 2FA is bad and what we should be using in place of it.

    Changing my Password Mentality

    When I was a bit younger, I used to have a favourite password for everything. Given that I’m still not that old, my ignorance was not that damaging. I still adhered to the basic password rules about not using a dictionary word, at least 8 characters, using a capital and a number and all that. The sad thing is even that is still too much effort for many people today.

    2018

    OverTheWire Leviathan Challenges

    Leviathan is another set of beginner Linux challenges at OverTheWire. These challenges previously lived at intruded.net and are quite different from the Bandit challenges. You SHOULD be trying these challenges yourself. Writeups and answer guides like this should be your last resort if you need a hint.

    OverTheWire Bandit Challenges

    Bandit is the set of beginner Linux challenges at OverTheWire. These are great to get you learning the Linux command line and the basic skills you will need for CTF’s / penetration testing. These following writeups are not the answers directly, but more the process to get the answer (although sometimes the answers will be in the screenshots).

    Building a PC

    I finished University last year and wanted to finally build a PC for myself. It had been a long time coming but I had enough moolah to go ahead this time. I was already familiar with PC building as I had built my parents a desktop some years ago. I had also done repairs and RAM & SSD replacements on my own laptop.

    Hello World

    Welcome to my blog.