Grounded: A High-level Overview on Aviation Industry Security

Estimated difficulty: 💜💜💜💜💜 For the folks that follow me on Twitter, you may remember me exclaiming for help a few months back for information on the security within the aviation industry for my Information Assurance (IA) assignment. Firstly, a huge thank you to everyone that reached out – applying professional knowledge to my research resulted …

You Shall Not Pass: Authentication 101

Estimated difficulty: 💜💜🤍🤍🤍 Authentication. A familiar “buzzword” we see that is parroted in all things security, a selling point for many vendors, and a well-known term written (quite a lot) by pen-testers in their final reports. But what exactly is authentication? Well, in reality authentication is a complex and sizeable topic, but to get you …

STOP! In the Name of Web: Intercepting Traffic with BurpSuite (A Beginner’s Guide)

Estimated Difficulty: 💜💜💜🤍🤍 Another song themed blog, this blog will mostly cover BurpSuite interception basics (including how to setup BurpSuite). We will be demonstrating BurpSuite using Kali Linux, using the Community Version (1.7.35). As always, constructive criticisms and feedback are always welcome! Back to Basics Before we dive into the realm of web hacking and …

They See Me Scannin’, They Hatin’: A Beginner’s Guide to Nmap

Estimated Difficulty: 💜💜💜🤍🤍 Recon, Recon, Recon One of the most important phases of an attack, is the reconnaissance phase. Often abbreviated to recon, this phase usually consists of a variety of process and techniques to collect information about a target system. This phase may also be known as “Information Gathering” as the main goal is …

Bop to the Top: A Linux Priv Esc. Checklist

Estimated Difficulty: 💜💜💜💜🤍 Congratulations, you’ve got a foothold!Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success rate – but I’ll also …

I’m in Chroot Jail, Get Me Out of Here!

Estimated Difficulty: 💜💜💜💜🤍 So you’ve hacked it. You got root. Or do you? What is a chroot jail? Chroot jails can fool attackers to think that they supposedly have immediate root privilege access to the environment. Chroot in Unix operating systems help change the apparent root (chroot) directory. I guess you could call it a …