CTF

I’m switching gear a bit and hopping over to CyberDefenders today. I’ve not yet used it, and to be honest with you I hadn’t even heard of CyberDefenders before. I think this more on my part though. The two well-known platforms, being TryHackMe and HackTheBox, are the only ones I had heard of. TryHackMe has been a great experience so far, I’ll still be using it daily (and posting write-ups for the rooms), but I’ll definitely be checking out CyberDefenders’ content from here on. Hands-on blue team experience is something I’ve been focusing on lately, so stay tuned for more! ...

Introduction It’s time for more SOC Simulator challenges! Today I’ll be doing the Upload & Conquer scenario. You can find this on the scenarios page. This one is not another phishing-based scenario like my previous SOC simulator writeup. Phishing emails have a lot of red-flags that you can look out for. Once you know what to look for it can be fairly easy to spot. I don’t know if there will be any other phishing-based scenarios, but I’m always happy to see more content! ...

Introduction I haven’t been able to delve in to the SOC Simulators that TryHackMe offer yet. Most online learning platforms are more tailored for red-team experiences. A vulnerable VM will be spun up for you to attack and retrive flags, wahoo! The blue team side feels like it might take some more resources (I have nothing to back this claim up) and preparation. For a normal CTF you can give a vague note of ‘Get the root flag in /root/flag.txt’ and let the users go wild. They can get creative with their approach if they want. In a SOC simulation you don’t really want them getting creative. If you offer a phishing email you don’t want them to break in to the sender email (At least I hope that’s not what this room is about). I’m interested in how the SOC Simulator identifies correct answers. ...

Introduction I’ve been pretty busy lately. So today I’m just doing a very short little challenge room, The Game. There was a neat little game hacking room during the 2024 Advent of Cyber event. It was a pretty good teaching moment for memory overflows and exploitation. This is just a beginner/easy room. So it might not be as exciting, but I’m still happy to keep my streaks up and continue a bit of red-teaming. Let’s see what this challenge room entails! ...