top of page
Search
BlueDolphin
Nov 2, 2022
Hack the Box - Trick
Enumeration Summary This machine initially required subdomain enumeration which opened the door for a new attack surface that was...
BlueDolphin
Oct 12, 2022
Linux Hard Disk/Drive - Reference
Hard Disk Layout du -h --max-depth=1 - Total space taken by each directory du -h --max-depth=1 /usr - Total space taken up individually...
BlueDolphin
Oct 9, 2022
Hack the Box - Late
Engagement flow Enumeration We start off with a standard enumeration phase where we have a narrow attack surface. We know this will...
BlueDolphin
Aug 17, 2022
Try Hack Me - Greenbone GVM and OpenVas
Task 1 - Introduction The first task is fairly simple so I will elaborate on OpenVas. The OpenVas project was born in 2005 when the...
BlueDolphin
Aug 13, 2022
Python Poetry - Packaging and dependency management made easy
References: https://python-poetry.org/ https://github.com/python-poetry/poetry https://python-poetry.org/docs/...
BlueDolphin
Aug 12, 2022
Greenbone Vulnerability Management Scanner - New Notus Scanner
References https://www.greenbone.net/en/notus/ https://www.greenbone.net/en/new-vulnerability-scanner-notus/ https://www.greenbone.net/en...
BlueDolphin
Jul 6, 2022
Hack the Box Router Space
Engagement flow Enumeration Port discovery Web enumeration apk download Browsing to the website we see options for a download and a get...
BlueDolphin
Jul 6, 2022
Hack the Box - Undetected
PHP, RCE, Reversing, File System, Forensics, Attacks/Weak Password, Attacks/Backdoor
BlueDolphin
Jun 20, 2022
Hack the Box - Paper
#Wordpress #CMSExploit #LFI
#CVE
BlueDolphin
Jun 19, 2022
Boss of the Soc - Splunk
Pre-amble The focus of this hands on lab will be an APT scenario and a ransomware scenario. You assume the persona of Alice Bluebird, the...
BlueDolphin
Jun 14, 2022
Tenable CTF 2022 - Forensics
These are my writeups for the tenable CTF Forensic category. This challenge presents us with a pdf document containing redacted...
BlueDolphin
Jun 11, 2022
Google CTF - Beginner Quest Part 1
Welcome Google will run the 2021 CTF competition in two parts: an online jeopardy-CTF competition, and second contest open only to the...
BlueDolphin
Jun 11, 2022
Hack the Box - Meta
Topics: Python, CVE, Sudo Exploitation, sub domain enumeration, Exiftool, file upload, ssh keys, pspy, custom script, image magick,
BlueDolphin
May 28, 2022
Hack the Box - Pandora
#PHP #CMS Exploit #SQLi #CVE #SUID #SQL #RCE
BlueDolphin
May 8, 2022
Hack the Box - Secret
Javascript, Source Code Review, Git, Weak Authentication, OS Command Injection, SUID, Auth failure.
BlueDolphin
Apr 25, 2022
Cyber Defenders - Malware Traffic Analysis 1
The attached PCAP belongs to an Exploitation Kit infection. Analyze it using your favorite tool and answer the challenge questions....
BlueDolphin
Apr 23, 2022
Hack the Box - BackDoor
Work flow Summary Another easy machine that required several twists and turn along the way to root. Starting off with a narrow attack...
BlueDolphin
Apr 13, 2022
CyberDefenders - HawkEye - PCap Forensics
Scenario: An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was obs
BlueDolphin
Apr 9, 2022
Hack the Box - Devzat
Docker, API, CVE, RCE, Golang, Source Code Review, Git abuse, LFI, cmd injection.
BlueDolphin
Mar 21, 2022
Hack the Box - Driver
SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.
bottom of page