Security (Featured) - Trojans in your source code - Be aware of the dangers of hidden Unicode control characters and how they can make your source code appear differently than it is executed.
Development (Featured) - Why your company will be hacked - This is a short list of common reasons why your company is going to be hacked. Learn from the past to improve the future!
Hacking - SANS Holiday Hack Challenge 2020 write-up - This is my write-up for the 2020 SANS Holiday Hack Challenge. It contains the solutions for all terminals, objectives and side quests.
Hacking - Getting started with the SANS Holiday Hack Challenge 2020 - How to get started with the 2020 SANS Holiday Hack Challenge: KringleCon 3.
Security (Featured) - Buffer overflow attacks explained - How does a typical buffer overflow exploit work in code, at run-time and in memory, and what can be achieved by running it?
Hacking - SANS Holiday Hack Challenge 2019 Write-up - This article is my write-up for the 2019 SANS Holiday Hack Challenge. It contains the solutions for all terminals, puzzles and objectives.
Hacking - Getting started with the SANS Holiday Hack Challenge 2019 - How to get started with the 2019 SANS Holiday Hack Challenge: KringleCon.
Development - Hosting a CTF made easy using Docker and DigitalOcean - Hosting a CTF can be a piece of cake by deploying a Docker container in a DigitalOcean Droplet. This article will run through this process. Fully automated script provided as well.
Hacking - Two-Factor authentication: How to secure your accounts? - How to secure your online accounts by setting up two-factor authentication (2FA) and why is it important to do so? Step-by-step guide for 2FA.
Security - Executing a man-in-the-middle attack - How can you become a man-in-the-middle on a network to eavesdrop on user traffic and what can you do to protect yourself against such an attack?
Network - TCP 3-way handshake and port scanning - How does the TCP 3-way handshake work and how is it used to perform a port scan?
Security - Hosting a Cookie Stealer in Google Forms - This article describes a quick and easy way to have cookie stealing functionality for your XSS tests, by using Google Forms as a host.
Security - How I got access to local AWS info via Jira - This article will describe how I exploited an SSRF vulnerability in an Atlassian plugin and gained access to AWS instance metadata via a local endpoint, explaining the theory and techniques along the way.
Hacking (Featured) - Hacking Windows with Meterpreter - Explore the post-exploitation world of a hacked Windows machine. Steal credentials, key logging, screen capture, new accounts, download files and more.
Security - Metasploit, WannaCry and Windows update - How to use Metasploit to execute the EternalBlue exploit (like WannaCry and Petya ransomware) and why you should install your latest Windows updates.
Security - 5 Phases of hacking - An ethical hacker follows a similar process to that of a malicious hacker to gain and maintain access to a computer system. The process of a typical attack scenario can be broken down into five distinct phases, which are described in this article.