It’s a bit quiet over here…

Yes… it is. All for good reasons though!

So what’s been going on over the past few weeks since my Jeeve’s Write Up?

Well I’ve done another couple of write ups, but those boxes are still active on Hack the Box so won’t be released to the public until those boxes have been retired.

I’ve messed around with having a Kali Linux Live USB stick complete with encrypted persistence. That was fun to do and feels kind of cool carrying around all the tools I’d need to use just in my pocket!

I’ve also finally enrolled on 7 Safe’s Certified Security Testing Professional course which I will complete in July. Exciting times.

Taken part in a Cyber War Games event where I learnt quite a lot. The most interesting of my learnings from that event was the use of a Stick Keys exploit. I’ll write up a post on what that is later on this week.

I’ve successfully demonstrated deserialization vulnerabilities in a talk at my place of work which was taken quite well. As this was a work time peice, I just need to get permission to post the presentation or write up on here before I can do so but if not then I’ll just do it again in my own time.

Aside from that I’ve had standard life stuff going on really; work, exercise and gaming.

So sorry for the silence, but there’s content coming I can assure you! Watch this space…

Start of something new

A few weeks ago I decided that I’d finally like to pursue a career in to Cyber Security. I’ve always had an interest in it but never found the time or drive to follow up those interests.

Over the past 2 years I’ve been more and more involved with the Cyber Security team at my work place, starting out by taking part in a CTF Hacker-ton (and coming 2nd world wide two times in a row) and on to becoming a Security Champion within the company.

Having seen a Security Consultant job advertised internally, I decided I’d book some time with some of the Cyber team one-to-one to find out just what is involved in their day to day jobs. They’ve told me of various courses, podcasts and other resources I can use to help myself learn and hopefully get that foot in the door that I desperately crave.

One of those resources was a Pen Test Lab called Hack the Box. Shortly after learning of it, I had a week off work to relax, play some games and spend some extra time at the gym. However, I made the mistake of registering on Hack the Box on the first day of my holiday! The rest of my holiday was filled with box hacking until the early hours of the morning (4am most days!). I went from not even knowing what PrivEsc meant and thinking that an Enum was an Enumerated Type, to hacking my way in to several boxes and solving multiple other challenges available on Hack the Box.

Although it may take a long time to get there…it’s definately a place I want to be and in the mean time, I’m going to document everything I can along the way to not only help others learn but to also serve as a kind of Portfolio to show what I can do.

A lot of Pen Test/CTF labs don’t allow spoilers for a given period of time, and I fully intend to honour all of those rules. Any write ups and how-to’s that I publish will only be published after the embargo has been lifted.