Ellis Stannard

88 Followers

Nov 3, 2022

CyberDefenders: Szechuan Sauce CTF Writeup

Another CTF with CyberDefenders; Rick & Morty forensics challenges courtesy of DFIRMadness. #1 What’s the Operating System version of the Server? (two words)

Forensics

10 min read


Jan 8, 2022

SANS KringleCon 2021 — Printer Exploitation (Hash Extension Attack)

Hello all and Happy New Year! This is a writeup for the fourth Holiday Hack Challenge from SANS, KringleCon 4: Calling Birds. This will be specifically for the challenge Printer Exploitation using a Hash Extension Attack. To start this challenge, enter Jack Frost’s Office:

Cybersecurity

12 min read


Aug 4, 2021

Malware Traffic Analysis 3

Malware Traffic Analyses are a set of CTF challenges for analysing traffic and an excellent way of developing threat hunting using tools like Wireshark and Suricata. Here we do their third CTF challenge, analysing a PCAP from an infected machine. This can be downloaded from the Cyber Defenders page here. …

8 min read


Jun 22, 2021

OSINTifying Targets

Hello folks, it’s been a while but today I’m going to show you how to OSINTify targets based on different types of attacks. From this exercise it was alarming how much information was gathered. …

Osint

19 min read


Jun 3, 2021

SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling — Course Review (2021)

SANS provide a very clear pathway for Incident Response in their Cyber Security Map Pathway, starting off with SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling. Having literally just passed the GCIH (GIAC Certified Incident Handler) exam which complements the course, I thought it only fair to share my views on the training, materials, labs and the exam itself. I was fortunate enough to be selected for the Work-Study program — this was designed to give participants a discounted pass in exchange for acting as a moderator of the classes. Given this was still during the height of the COVID-19 pandemic, this was done remotely and involved helping anyone…

Gcih

8 min read


Jan 11, 2021

SANS Kringlecon 2020 — ARP Shenanigans Writeup

It’s that time of the year again; the 2020 SANS Holiday Hack Challenge, featuring KringleCon 3: French Hens! This year’s event had a total of 12 challenges with a wide range of activities, mainly Penetration Testing boxes, although there were others such as Threat Hunting, Cryptography and even a bit of JavaScript training. There were many different tools provided within each challenge environment (such as Splunk, Amazon S3 bucket finders, CAN BUS traffic monitoring) requiring some foundational knowledge, alongside external research. As such, this is a writeup for Objective 9 — ARP Shenanigans.

Hacking

15 min read


Dec 11, 2020

Practical Malware Analysis — Chapter 6 Labs

Practical Malware Analysis is a book introducing fundamental and advanced analysis of malware, both statically and dynamically. Today, we work through the Practical Malware Analysis exercises in Chapter 6 — Recognising C Code Constructs in Assembly Language. This chapter, if you haven’t guessed, is for helping understand what is going…

Malware

12 min read


Nov 28, 2020

MalwareTech Malware Reversing Challenges — Ransomware

Here we are with another of the malware reverse engineering challenges from MalwareTech — this time Ransomware. These are static analysis challenges and therefore require a disassembler and not a debugger or dumper. Presumably most people reading this will be using the article as guidance. …

Ransomware

4 min read


Nov 11, 2020

MalwareTech Malware Reversing Challenges — Hide and Seek (Strings)

Hello folks, we’re here for some more CTF challenges — this time malware reverse engineering. MalwareTech (aka Marcus Hutchins) is a computer researcher and malware analyst, if his alias hadn’t helped you guess, who is famous for stopping the infamous WannaCry ransomware, which affected (and infected) over 200,000 devices, in…

Reverse Engineering

4 min read


Oct 15, 2020

MemLabs Writeup using Volatility Labs 4–6

Here we continue with the MemLabs CTFs… Lab 4 — Obsession: My system was recently compromised. The Hacker stole a lot of information but he also deleted a very important file of mine. I have no idea on how to recover it. The only evidence we have, at this point of time is this memory dump. …

Ctf

10 min read

Digital Forensics, Incident Response and Threat Hunting things.
