CTF Writeup: Snort Challenge - Live Attacks
First post of 2025. Only three months late, oops! Blue Team activities don’t often get any CTFs. It’s a lot more fun to exploit some fun vulnerability and get root access than sort through countless logs. However! I’ve been meaning to go back to the blue team focused tools. On the CTFs I’ve done I felt a lot more comfortable doing blue team things than I have with anything else. I’m still not sure what I want to specialize in, but analysis is my jam at the moment. ...
Fowsniff CTF - Writeup
CTF Time! This time I’m trying out TryHackMe’s Fowsniff CTF. I’m going into this blind with no prior knowledge, so expect some detours and dead-ends. I’m also going to be censoring any flags/passwords/hashes out. Room overview This boot2root machine is brilliant for new starters. You will have to enumerate this machine by finding open ports, do some online research (its amazing how much information Google can find for you), decoding hashes, brute forcing a pop3 login and much more! ...
Over the Wire - Bandit
OverTheWire is a great way to learn Linux commands, and a bit of “““hacking”””. From their own site: The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. There are a few wargames/rooms that are offered. I’ll be going through the ‘Bandit’ room, which is the easiest/first. The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. ...
One year on Mastodon
Wowza, already been a year huh? It’s actually been just over a year since I joined Infosec.exchange. I was on Mastodon.Social for a while actually, but moved across a few months later. This is just a quick post I wrote in an hour or two, Looking back on my experience so far. Twitter I joined Twitter sometime in 2016. I had a few content creator friends, and at the time I wanted to work in video games. I was at high-school and I wanted to find an online community. Twitter was the place for that! I connected with a few people and got a few followers. I fell into ‘Web Dev’ Twitter. There were a few ‘big players’ who everyone seemed to follow, and they all seemed to interact with each other. It was nice, but I felt that my follower count (A whole 80!) made me feel like I couldn’t interact with these big accounts. ...
My Security+ Journey
I recently passed the Security+ (SY0-601). This is my first InfoSec related ceritification, so I thought I might write a bit about what I learned along the way. Way back in April of 2023 I was on a month long trip around Europe. I already knew by that point that I wanted to pivot from the helpdesk to the Security team at my current company. I had expressed my interest, but wanted to show that I was willing to learn outside of work. ...