zacheller@home:~/blog$

  • STL OWASP QUARANTINE CTF

    Capture the Flag (CTF) is a type of computer security competition usually designed to serve as an educational exercise to give participants experience in analyzing and exploiting security flaws. To give people more to do indoors, Chris Elbring and I developed the fully remote QUARANTINE CTF hosted by STL OWASP....

  • Dabbling in Open Source

    I was searching Up For Grabs for an open-source project to work on and stumbled upon an interesting tool called passthief that I figured would be useful in pentesting. I analyzed all the modules in anticipation of writing the Firefox password extractor module. In Linux, I found the two files...

  • Introduction to Code Review

    From PentesterLab.com. Reasons for doing code review: It can be faster than penetration testing. Some issues are really easy to spot during a code review (for example weak encryption), where others can take a lot more time (XSS for example). Compliance can require you to perform security code review (for...

  • HackTheBox - Sauna

    Enumeration
        root@kali:~/HackTheBox/Sauna# nmap -p- 10.10.10.175
        Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-05 16:09 EDT
        Nmap scan report for 10.10.10.175
        Host is up (0.049s latency).
        Not shown: 65515 filtered ports
        PORT    STATE SERVICE
        53/tcp  open  domain
        80/tcp  open  http
        88/tcp  open  kerberos-sec
        135/tcp open  msrpc
        139/tcp open  netbios-ssn
        389/tcp open...