Estimated difficulty: 💜💜💜💜🤍 Recently I have been approached by many folks on how to get started with automotive hacking. After completing my dissertation in automotive hacking (and achieving a whopping 90% – yippee!) I decided to write this blog post as an introduction into the one of the many ways Continue Reading
Locked Out: What is Ransomware?
Estimated difficulty: 💜🤍🤍🤍🤍 Ransomware can be a costly attack to organisations of all sizes. Recently Garmin fell victim to a ransomware attack, with reported ransoms of up to US$10 million in exchange to reinstate company files. According to a The State of Ransomware 2020 by Sophos, the global average cost Continue Reading
Grounded: A High-level Overview on Aviation Industry Security
Estimated difficulty: 💜💜💜💜💜 For the folks that follow me on Twitter, you may remember me exclaiming for help a few months back for information on the security within the aviation industry for my Information Assurance (IA) assignment. Firstly, a huge thank you to everyone that reached out – applying professional Continue Reading
You Shall Not Pass: Authentication 101
Estimated difficulty: 💜💜🤍🤍🤍 Authentication. A familiar “buzzword” we see that is parroted in all things security, a selling point for many vendors, and a well-known term written (quite a lot) by pen-testers in their final reports. But what exactly is authentication? Well, in reality authentication is a complex and sizeable Continue Reading
STOP! In the Name of Web: Intercepting Traffic with BurpSuite (A Beginner’s Guide)
Estimated Difficulty: 💜💜💜🤍🤍 Another song themed blog, this blog will mostly cover BurpSuite interception basics (including how to setup BurpSuite). We will be demonstrating BurpSuite using Kali Linux, using the Community Version (1.7.35). As always, constructive criticisms and feedback are always welcome! Back to Basics Before we dive into the Continue Reading
They See Me Scannin’, They Hatin’: A Beginner’s Guide to Nmap
Estimated Difficulty: 💜💜💜🤍🤍 Recon, Recon, Recon One of the most important phases of an attack, is the reconnaissance phase. Often abbreviated to recon, this phase usually consists of a variety of process and techniques to collect information about a target system. This phase may also be known as “Information Gathering” Continue Reading
Bop to the Top: A Linux Priv Esc. Checklist
Estimated Difficulty: 💜💜💜💜🤍 Congratulations, you’ve got a foothold!Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success Continue Reading
I’m in Chroot Jail, Get Me Out of Here!
Estimated Difficulty: 💜💜💜💜🤍 So you’ve hacked it. You got root. Or do you? What is a chroot jail? Chroot jails can fool attackers to think that they supposedly have immediate root privilege access to the environment. Chroot in Unix operating systems help change the apparent root (chroot) directory. I guess Continue Reading