https://josusb.com/categories/cybersecurity/Recent content in Cybersecurity on JO's USBHugo -- gohugo.ioCopyright © 2021-2024 JO. All Rights Reserved.Sat, 08 Jun 2024 00:00:00 +0000https://josusb.com/blog/ctf-malbuster/Sat, 08 Jun 2024 00:00:00 +0000https://josusb.com/blog/ctf-malbuster/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is part of the <a href="https://tryhackme.com/module/malware-analysis" target="_blank" rel="noopener noreferrer">Malware Analysis<i class="fas fa-external-link-square-alt ms-1"></i></a> module on THM. In this scenario, you are tasked to analyze unknown malware samples detected by your Security Operations team.</p>https://josusb.com/blog/ctf-benign/Sat, 25 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-benign/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is part of the <a href="https://tryhackme.com/path/outline/soclevel1" target="_blank" rel="noopener noreferrer">SOC Level 1<i class="fas fa-external-link-square-alt ms-1"></i></a> learning path on TryHackMe. You are tasked to investigate a compromised corporate system using limited Splunk logs.</p>https://josusb.com/blog/ctf-snort-challenge/Fri, 24 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-snort-challenge/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is part of the <a href="https://tryhackme.com/path/outline/soclevel1" target="_blank" rel="noopener noreferrer">SOC Level 1<i class="fas fa-external-link-square-alt ms-1"></i></a> learning path on TryHackMe. It simulates active network breaches on a system, and you are tasked with detecting and remediating the breaches with Snort.</p>https://josusb.com/blog/ctf-huntme-ii/Mon, 13 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-huntme-ii/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is the final challenge of the <a href="https://tryhackme.com/module/threat-hunting" target="_blank" rel="noopener noreferrer">Threat Hunting<i class="fas fa-external-link-square-alt ms-1"></i></a> module on THM. It follows-up right after Hunt Me I, but the questions guide the investigation much less than before.</p>https://josusb.com/blog/ctf-huntme-i/Fri, 10 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-huntme-i/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is a threat-hunting practice scenario. We&rsquo;ll have to investigate malicious activity on a computer that&rsquo;s been the victim of a phishing attack, from initial access all the way to stealing confidential data.</p>https://josusb.com/blog/ctf-you-cant-c-me/Fri, 10 Sep 2021 00:00:00 +0000https://josusb.com/blog/ctf-you-cant-c-me/Overview# You Can&rsquo;t See Me is a fun CTF on Hack The Box that requires you to reverse engineer a simple C application. It&rsquo;s generally rated as an &ldquo;Easy&rdquo; challenge, and is a good introduction to reversing software and performing malware analysis. As with the other CTF guides, answers will be blurred out. Also for brevity, I won&rsquo;t be including all output of every command. You can find the link to You Can&rsquo;t See Me here.https://josusb.com/blog/ctf-overpass2/Fri, 27 Aug 2021 00:00:00 +0000https://josusb.com/blog/ctf-overpass2/Overview# Overpass 2 - Hacked is the second CTF in the Overpass series on TryHackMe, and this scenario has you helping to recover a website that&rsquo;s been hacked! You&rsquo;ll have to analyze a packet capture (PCAP) file with Wireshark to figure out how the attacker got in, then you need to hack back into the server to regain control. The link to the Overpass 2 - Hacked room is here. You can download Wireshark from the official website.https://josusb.com/blog/ctf-rootme/Mon, 16 Aug 2021 06:16:37 -0400https://josusb.com/blog/ctf-rootme/Overview# RootMe is a short, beginner-friendly CTF on TryHackMe with a ranking of &ldquo;Easy&rdquo;. It&rsquo;s a good complement to practice your skills learned during the &ldquo;Complete Beginner&rdquo; learning pathway, which I recommend completing before attempting this challenge. As usual, direct answers will be hidden in this guide. You can find the link to the RootMe room here. The IP address of my target machine was 10.10.255.51, and my attacking machine&rsquo;s was 10.https://josusb.com/blog/ctf-dailybugle/Thu, 12 Aug 2021 00:00:00 +0000https://josusb.com/blog/ctf-dailybugle/Overview# This Marvel-themed, multi-stage CTF is one of TryHackMe&rsquo;s Offensive Pentesting rooms with a difficulty rating of &ldquo;Hard&rdquo;. Some highlights include brute-forcing passwords, SQL injection, and exploiting website templates. Answers in this guide will be hidden or blurred out, as normally. You can find the link to The Daily Bugle room here. If you&rsquo;re attempting this CTF, you should already have some foundational knowledge and experience in pentesting. As such, I won&rsquo;t go into much detail into say what nmap arguments mean, or where to get a reverse shell, or how to use John the Ripper.https://josusb.com/blog/ctf-skynet/Sat, 31 Jul 2021 19:44:06 -0400https://josusb.com/blog/ctf-skynet/Overview# This Terminator-themed CTF is one of TryHackMe&rsquo;s Offensive Pentesting rooms, with a ranking of &ldquo;Easy&rdquo;. Exploiting Samba and file inclusion vulnerabilities are some of the highlights here. Direct answers will be hidden in this guide, but before continuing, I recommend that you try hacking this machine without any guides first. Researching on Google, finding red herrings, and even sleeping over the problem are all part of the learning process. Only refer back to this guide when you get stuck for a few days, or want to compare your answers.https://josusb.com/blog/welcome-cybersecurity/Fri, 09 Jul 2021 19:49:23 -0400https://josusb.com/blog/welcome-cybersecurity/What is TryHackMe?# TryHackMe (or THM for short) is a mostly free (will come back to this shortly), online platform designed for learning cybersecurity, with a focus on hands-on exercises. It has pre-built learning pathways depending on your security knowledge and what path you&rsquo;d like to explore in cybersecurity. Each learning pathway has a set of rooms, which are essentially short learning sessions focused on security topics, tools, or capture the flag (CTF) events.