JO's USB

CTF Guide: Malbuster

Sat, 08 Jun 2024 00:00:00 +0000

This CTF is part of the Malware Analysis module on THM. In this scenario, you are tasked to analyze unknown malware samples detected by your Security Operations team.

CTF Guide: Benign

Sat, 25 May 2024 00:00:00 +0000

This CTF is part of the SOC Level 1 learning path on TryHackMe. You are tasked to investigate a compromised corporate system using limited Splunk logs.

CTF Guide: Snort Challenge - Live Attacks

Fri, 24 May 2024 00:00:00 +0000

This CTF is part of the SOC Level 1 learning path on TryHackMe. It simulates active network breaches on a system, and you are tasked with detecting and remediating the breaches with Snort.

CTF Guide: Hunt Me II - Typo Squatters

Mon, 13 May 2024 00:00:00 +0000

This CTF is the final challenge of the Threat Hunting module on THM. It follows-up right after Hunt Me I, but the questions guide the investigation much less than before.

CTF Guide: Hunt Me I - Payment Collectors

Fri, 10 May 2024 00:00:00 +0000

This CTF is a threat-hunting practice scenario. We’ll have to investigate malicious activity on a computer that’s been the victim of a phishing attack, from initial access all the way to stealing confidential data.

3D Art Showcase II

Fri, 03 May 2024 15:37:33 -0400

More 3D art! All of these were made within the last year. I’ve been pretty busy since the winter, so I haven’t been able to do as much 3D art as I’d wish.

3D Art Showcase

Sun, 09 Jul 2023 15:37:33 -0400

I create fully animated 3D art compositions as a hobby, mainly of photorealistic environments or abstract geometric pieces. Here are some of the things I’ve worked on in the past year.

How To: Sort a List of Terraform Objects by Attribute

Thu, 20 Oct 2022 15:45:42 -0400

This is a short tutorial on how to sort a list of Terraform objects by a specific attribute, which isn’t built-in to Terraform. This example will sort AWS VPC subnets based on their amount of available IP addresses.

How To: Set Up an Apache Proxy Cache for Artifactory

Fri, 02 Sep 2022 00:00:00 +0000

This is a tutorial on how to set up an Apache reverse proxy for caching content from JFrog Artifactory. I had to learn how to do this for work to lessen the request load on the origin Artifactory server, and improve performance overall.

About

Tue, 30 Aug 2022 00:00:00 +0000

Summary Greetings! I’m a software engineer in the cybersecurity industry, and have been for about 3 years now. Specifically, I work on the DevOps branch of the software development ecosystem, so most of the posts on this site revolve around that and cybersecurity, but I’ll mix in different topics now and again. A lot of the blog posts on this site are usually situations I’ve encountered while coding, and how they were solved.

How To: Embed Streamable.com Videos in Hugo

Fri, 19 Aug 2022 15:27:23 -0400

Hey, this is a quick little tutorial on how to embed Streamable videos to your Hugo website, like this:

CTF Guide: You Can't C Me

Fri, 10 Sep 2021 00:00:00 +0000

Overview# You Can’t See Me is a fun CTF on Hack The Box that requires you to reverse engineer a simple C application. It’s generally rated as an “Easy” challenge, and is a good introduction to reversing software and performing malware analysis. As with the other CTF guides, answers will be blurred out. Also for brevity, I won’t be including all output of every command. You can find the link to You Can’t See Me here.

How To: Build Unity Projects on the Command Line

Tue, 07 Sep 2021 07:49:28 -0400

There weren’t a lot of online resources on how to build Unity games from the command line, which was surprising. This would be useful for automating builds, meaning that you don’t need to manually interact with the Unity Editor if you only need to compile your game. If you have a large project, not having to load the Editor is a massive time saver. This can all be done through Unity’s command line arguments.

CTF Guide: Overpass 2 - Hacked

Fri, 27 Aug 2021 00:00:00 +0000

Overview# Overpass 2 - Hacked is the second CTF in the Overpass series on TryHackMe, and this scenario has you helping to recover a website that’s been hacked! You’ll have to analyze a packet capture (PCAP) file with Wireshark to figure out how the attacker got in, then you need to hack back into the server to regain control. The link to the Overpass 2 - Hacked room is here. You can download Wireshark from the official website.

CTF Guide: RootMe

Mon, 16 Aug 2021 06:16:37 -0400

Overview# RootMe is a short, beginner-friendly CTF on TryHackMe with a ranking of “Easy”. It’s a good complement to practice your skills learned during the “Complete Beginner” learning pathway, which I recommend completing before attempting this challenge. As usual, direct answers will be hidden in this guide. You can find the link to the RootMe room here. The IP address of my target machine was 10.10.255.51, and my attacking machine’s was 10.

CTF Guide: The Daily Bugle

Thu, 12 Aug 2021 00:00:00 +0000

Overview# This Marvel-themed, multi-stage CTF is one of TryHackMe’s Offensive Pentesting rooms with a difficulty rating of “Hard”. Some highlights include brute-forcing passwords, SQL injection, and exploiting website templates. Answers in this guide will be hidden or blurred out, as normally. You can find the link to The Daily Bugle room here. If you’re attempting this CTF, you should already have some foundational knowledge and experience in pentesting. As such, I won’t go into much detail into say what nmap arguments mean, or where to get a reverse shell, or how to use John the Ripper.

CTF Guide: Skynet

Sat, 31 Jul 2021 19:44:06 -0400

Overview# This Terminator-themed CTF is one of TryHackMe’s Offensive Pentesting rooms, with a ranking of “Easy”. Exploiting Samba and file inclusion vulnerabilities are some of the highlights here. Direct answers will be hidden in this guide, but before continuing, I recommend that you try hacking this machine without any guides first. Researching on Google, finding red herrings, and even sleeping over the problem are all part of the learning process. Only refer back to this guide when you get stuck for a few days, or want to compare your answers.

How To: Save $1,000+ on your AWS Bill

Mon, 12 Jul 2021 00:00:00 +0000

The Cost of the Cloud# One of my recent projects was to migrate some testing servers from on-premises to Amazon EC2. There were valid reasons for doing so, with the most pressing being to offload the testing workload to the cloud. Testing isn’t run 24/7, so those machines don’t need to be online all the time taking up server space. They can be dynamically provisioned en masse on AWS, and terminated once testing is complete.

TryHackMe - Welcome to Cybersecurity

Fri, 09 Jul 2021 19:49:23 -0400

What is TryHackMe?# TryHackMe (or THM for short) is a mostly free (will come back to this shortly), online platform designed for learning cybersecurity, with a focus on hands-on exercises. It has pre-built learning pathways depending on your security knowledge and what path you’d like to explore in cybersecurity. Each learning pathway has a set of rooms, which are essentially short learning sessions focused on security topics, tools, or capture the flag (CTF) events.

Pokémon Battle Simulator

Sun, 04 Apr 2021 00:00:00 +0000

An open-source game engine built with Unity to emulate the battle system from the popular Pokémon video game series.

Fortnite 2D

Sun, 29 Mar 2020 00:00:00 +0000

A top-down, battle royale shooter with multiplayer and AI survival modes. This app works on the web and on mobile platforms.

Offline

Mon, 01 Jan 0001 00:00:00 +0000