‘Lo Scampo’ was a challenge in the OSINT category of csictf 2020
whoamiMy name is Jay and I'm a penetration tester at Security Innovation.
I find that I'm able to retain information a little easier if I write it down as if I'm trying to teach someone how to do it. So this is basically a culmination of all of my notes presented in a 'how-to' or 'teaching' format.
As time goes on you'll be able to find things like Box and CTF Challenge Writeups, cheatsheets I've written for myself, projects I'm working on and even some articles on tools/concepts that I come across as I learn.
Feel free to contact me on Twitter!
‘Flying Places’ was a challenge in the OSINT category of csictf 2020
‘Commitment’ was a challenge in the OSINT category of csictf 2020
‘Beep’ is an easy rated box on Hack the Box. We’ll be using public exploits from exploit DB to exploit both LFI and RCE on an old version of Elastix. Once we’re in the box we’ll abuse an outdated version of Nmap to escalate our privileges.
‘Remote’ is an Easy rated box on Hack The Box. We’ll be looking at Umbraco CMS, public mountable shares, shell crafting with msfvenom and using evil-winrm for login.