Try Hack Me: ColddBox Easy

This room is another super easy and it is perfect for beginners who want to try penetration testing/hacking. The skills/tools to be tested and needed to solve this room are: NMAP, Fuzzing Enumeration, WordPress, and Privilege Escalation through SUID. The room’s creator is @C0ldd. You can access the room at https://tryhackme.com/room/colddboxeasy. I was assigned a …

Try Hack Me: Brute It

This room is super easy and it is perfect for beginners who want to try pentesting/hacking. The skills/tools to be tested and needed to solve this room are: NMAP, Fuzzing/Enumeration, SSH, Brute Forcing, Hash Cracking, and Privilege Escalation. This room was released on 11/06/2020 and it is rated easy in difficulty. Shout-out to the room …

Try Hack me: Startup

The skills/tools to be tested and needed to solve this room are: NMAP, Fuzzing/Enumeration, FTP, Webshell, Reverse Shell, Wireshark, Interpreting/Understanding scripts, and Starting your own web server. This room was released on 11/08/2020 and it is rated easy in difficulty. Shout-out to the room creator, @r1gormort1s. You can access the room at https://tryhackme.com/room/startup. I was …

Well-Crafted Spear-Phishing Caught by our SEG

One or more employees of a Healthcare System had their email account(s) taken over by malicious user(s). An email was sent to some of our employees, luckily our SEG positively identified the email as a spear-phishing attempt. The malicious emails were automatically quarantined, but I went ahead and looked it up anyway as I was …

Why Do I Keep On Studying For Degrees And Certifications? (My zero to hero in cyber security)

Originally posted on 4/24/2020, but decided to add this here on my blog. Today (10/27/2020) was supposed to be the day I would finally put the cap on, walk, and formally be awarded with the Master of Science degree in Cyber Security and Information Assurance from Southern Utah University unfortunately due to the COVID-19, the …

Try Hack Me: Mnemonic

The skills to be tested and needed to solve this room are: bruteforce, code analysis, OSINT, fcrackzip and a lot of enumeration. This room was released on 9/27/2020 and it is rated medium in difficulty. Shout-out to the room creator, @villwocki. You can access the room at https://tryhackme.com/room/mnemonic. I was assigned a target IP address …

Try Hack Me: Upload Vulnerabilities

This skills to be tested and needed to solve the final task of this walkthrough room are: reverse shell, Burp Suite, upload vulnerability, and client-side bypass extension filtering. I am not writing a walkthrough for all the tasks because this is a “walkthrough” room. The only part that the creator wouldn’t hold your hand to …

Try Hack Me: Poster

The skills to be tested and needed to solve this room are: rdbms, postgressql, nmap, Metaspolit, privilege escalation, SSH, find and enumeration. This room was released today, 9/11/2020. Shout-out to the room creator, @stuxnet. You can access the room at https://tryhackme.com/roomposter I was assigned a target IP address of 10.10.66.128. You will be assigned a …

Try Hack Me: RootMe

The skills to be tested and needed to solve this room are: nmap, GoBuster, privilege escalation, SUID, find, webshell, and gtfobins. This room was released today, 9/9/2020. Shout-out to the room creator, @reddyyZ. You can access the room at https://tryhackme.com/room/rootme I was assigned a target IP address of 10.10.177.208. You will be assigned a different …

Try Hack Me: GamingServer

The skills to be tested and needed to solve this room are: nmap, GoBuster, lxd, privilege escalation, local web server, ssh2john, and John. This room was released on 8/30/2020. The initial foothold to me was super easy, but I struggled with the privilege escalation in exploiting lxd. I was really excited because in one of …