‘Commitment’ was a challenge in the OSINT category of csictf 2020
whoamiMy name is Jay and I'm studying CyberSecurity with a focus on Red Team operations.
I find that I'm able to retain information a little easier if I write it down as if I'm trying to teach someone how to do it. So this is basically a culmination of all of my notes presented in a 'how-to' or 'teaching' format.
As time goes on you'll be able to find things like Box and CTF Challenge Writeups, cheatsheets I've written for myself, projects I'm working on and even some articles on tools/concepts that I come across as I learn.
Feel free to contact me on Twitter!
‘Beep’ is an easy rated box on Hack the Box. We’ll be using public exploits from exploit DB to exploit both LFI and RCE on an old version of Elastix. Once we’re in the box we’ll abuse an outdated version of Nmap to escalate our privileges.
‘Remote’ is an Easy rated box on Hack The Box. We’ll be looking at Umbraco CMS, public mountable shares, shell crafting with msfvenom and using evil-winrm for login.
‘Peak Hill’ box created by John Hammond on TryHackMe. We’ll be checking out a FTP server with anonymous login, Python’s pickle module and a neat custom challenge that we need to exploit.