Table of contents What is OpenAI? Pandora’s Box is Open Writing blog posts Red Teaming Proving AI is generating tool output Stack Overflow questions and answers How to identify OpenAI […]
Author: .NetRussell
The Linux command strings is an incredibly useful tool for finding hidden things in binaries. In this article, we’ll discuss how to use it to uncover hardcoded passwords, API endpoints, […]
The world of computer security was forever changed on March 14th, 2017, when a malicious piece of software known as the Eternal Blue exploit was released into the wild. This […]
The Heartbleed vulnerability is a security flaw in the popular OpenSSL cryptographic software library. It was discovered in April 2014 and affects a significant portion of the Internet’s secure web […]
DevOps is an increasingly popular software development methodology that combines the development and operations teams to create a more efficient and agile system. It has become a key part of […]
What are IDORs? Insecure Direct Object References (IDOR) is a type of vulnerability in web applications that allows attackers to access data that they should not be able to access. […]
I’m not one to give away bug bounty target companies, so once again due to the agreements we enter into with these companies, this company will hence forth be referred […]
Vulnhub is such a great resource for vulnerable virtual machines. Sometimes it can be hit or miss with the realism. At times it’s even laughable that the creator thought you’d […]
I’m back with another great vulnerable boot to root. This time it’s once again one from my favorite site, HackTheBox. If you’re here I’m assuming you already know what HackTheBox […]
Not a ton to talk about for this box. It’s an interesting CTF style machine but I’m not sure I’d rank it in the OSCP prep category. Just something fun […]
Just popped another Windows box. This time, it’s Arctic. This machine, I imagine, is easy when using metasploit. However, I’m not here to point and click exploit. I’m trying to […]
Okay ramping up the difficulty a little. Not another really tough box but this one was done with no metasploit so there was some added complexity. Mapping the Attack Surface […]
This is going to be a fast walkthrough. Nothing fancy here, I’m just going to switch over from vulnhub boxes to hackthebox boxes and I wanted to start with an […]
Another box closer to finally earning my OSCP …. I can feel it It seems so difficult to find boxes that aren’t easy but that also aren’t too difficult. If […]
Are you looking for a box that’s both a light challenge and well put together? Then look no further than this walkthrough and Mr-Robot 1 over on vulnhub. This box […]
Another day, another root. I learn something new on every boot to root I do usually. However, I’m happy to say I finally came across something I’ve wanted to learn […]
Well it’s been another year and it’s once again Hacker Summer Camp time! With Defcon 29 just around the corner, I thought it would be a great time to blow […]
Link to VM ~> https://www.vulnhub.com/entry/photographer-1,519/ Summary: This box was _FANTASTIC_ as it exercises a number of disciplines. The author of the box @v1n1v131r4 (his website http://v1n1v131r4.com/) did a great job […]
So it’s been a looooong while since I’ve been able to sit down and work on some boot to root boxes. Between moving and adjusting to running a rental business […]
So it turns out that my raspberry pi webserver wasn’t as invulnerable to software upgrades as it was to hackers…
Unfortunately, <REDACTED> refused to give me permission to disclose this simple vulnerability I found on one of their web servers. So after 11 months after I found it, with zero […]
THIS POST IS NO LONGER UP TO DATE – MINER IN THE MIDDLE WAS REWRITTEN IN PYTHON ON AUGUST 20TH 2020 PLEASE SEE THE GITHUB LINK TO GET THE UPDATED […]
So about six months ago I started researching how to disappear from the internets. I opted out of all the things. I threw mud in the water on social media […]
I managed to get an interview on Hak5 during Defcon 25 this year! Here’s the episode:-D
I’m in the process of hunting for a new VPN because my current one (Nord VPN) disconnects constantly when I use it with my Tomato Router. I recently came across […]
Here is another fun VM, this one was created by g0tmilk and I’m happy to say, was a lot of fun. Step 1: Reconnaissance I started with a simple nmap […]
I can’t believe another year has come and gone! This was my fifth year at StirTrek and it was a doozy. This year we had a new venue, a new […]
I came across this VM in a chat about prepping for your OSCP and I wanted to give it a go. It was supposed to be a 4 hour machine. […]
Look there’s no easy way to say this, so I’m not going to sugar coat it for you. You’re a product. I know people say that all the time but […]
Hey I know it’s been awhile since I posted. I’ve been spending my free time training up for a new company. I recently came across this great site called Open […]
I’m a firm believer in understanding by doing. I wrote this nifty little SMTP enumeration tool and I wanted to share it. -> smtpenum /path/to/user_wordlist <target ip> <target port> That’s […]
So as some of my readers will know, I recently failed my first attempt at the OSCP certification. What many of you probably don’t know however is that I’m a […]
Well it’s been a solid 60 days of everything PWK. I’ve buffer overflowed, injected and weeped at my desk at 3am. #Complete I’m happy to say that this was a […]
Well I know it’s been a few weeks since my last post and I just wanted to provide an update. Since my last post, I have begun my Offensive Security […]
Well it turns out that building that shell payload was the easiest part of the whole processes. Mainly because I have messed around with shells and netcat a little […]
Well this simple task of reproducing a Metasploit exploit is turning out to be a HUGE learning experience. To quickly recap. We want to brute force an Apache Tomcat […]
So after my last post about getting into Tomcat with Metasploit I decided that Metasploit was fun to mess with but if I actually want to learn then I […]
Wow, what a week! I spent no less than 30 solid hours this week (in my free time) going through these books a little more and boy is there […]
Well I have finally pulled the trigger. I’ve decided that I am ready to start moving toward the security side of things. I think this is a natural step for […]
I know I have been pretty silent over the last month but it was for good reason, I promise. I have been hard at work on a new project that […]
On my never ending journey to becoming a software craftsman, I am once again faced with a fundamental question. To butcher knife or to scalpel?
Just as fast as it came, it is over again… I can’t believe Stir Trek is done. Stir Trek is by far one of my favorite conferences each year. This […]
Alright folks, this is the good one. Transistors are the backbone of the modern world. Arguably, the single most important invention of the 20th century. I would challenge anyone to […]
So it turns out capacitors are actually pretty fun to play with. As you can see from the live feed image of me charging and discharging it over and over […]