Staying Busy
Wow, I am now starting to realize the challenge of maintaining a blog while trying to keep up on my work and other life responsibilities! It’s been a little while and just wanted to keep up on some of the … Continued
Stripe CTF – Level 5
Note: For more information on this series of posts and the CTF exercise, please read the Background section of the first post in this series. Level 05 Okay, we’re getting closer the elusive flag. Just two levels left. Let’s see how we … Continued
Stripe CTF – Level 4
Note: For more information on this series of posts and the CTF exercise, please read the Background section of the first post in this series. Level 04 We are half way through the game and having a lot of fun … Continued
Stripe CTF – Level 3
Note: For more information on this series of posts and the CTF exercise, please read the Background section of the first post in this series. Level 03 I’ve broken the write-up for this level into two sections, binary analysis and solutions, as … Continued
Stripe CTF – Level 2
Note: For more information on this series of posts and the CTF exercise, please read the Background section of the first post in this series. Level 02 Now that we’ve obtained the level02 password, we can login to the server … Continued
Stripe CTF – Level 1
Background In March of 2012, the folks over at Stripe (stripe.com) hosted a capture the flag wargame in a fashion similar to the smash the stack wargames. Unfortunately, I didn’t find out about the Stripe CTF event until after the … Continued
Client-Side Attack using a Zero Day Exploit in Metasploit
This post walks you through exploiting IE8 using a 0-day exploit. In general, this post is aimed at describing the basics of exploitation through client-side attacks. But it’s also intriguing since we’ll be using Metasploit to exploit a flaw in … Continued
Setting Up Your Own Virtual Pentest Lab – Part 2
Part 2 – Loading and Installing Vulnerable VMs to ESXi Okay, so now we have this nice ESXi server sitting there like a “blank canvas” so to speak. Well the next step in setting up our own pentest lab is … Continued
Setting Up Your Own Virtual Pentest Lab – Part 1
In this series of posts I hope to explain what I consider to be a cheap and elegant solution for your own virtual pentest lab. I’m passionate about information security and recently took the Pentesting with BackTrack (PWB) course and … Continued
Welcome to my blog!
Yep, I did it…I started a blog. Don’t get nervous, I’m not quitting my job, not soliciting money, and not promoting any big agenda. This actually is mainly meant for me. I am an information security enthusiast and passionate about … Continued