Certification Featured SANS SEC565 + GIAC GRTP The new SANS Red Team course SEC565 by Jean-François Maes and Jorge Orchilles with its GIAC certification GRTP, also called "GIAC Red Team Professional", has consumed a lot of my time in the last three months. With this article I want to give you a better
Certification Mastering: Hack The Box - Dante After completing the OSCP exam and participating in several different CTFs, I wanted to take on another challenge. I chose 'Dante' from Hack The Box Pro Labs as it covers some interesting topics that filled knowledge gaps from the (older) OSCP exam. This blog article will illustrate my
Certification My "SANS: FOR572" course experience Phil Hagen's FOR572 covers a variety of topics in the field of network forensics. As the course name states ("FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response"), Incident Response as well as Threat Hunting concepts are also presented. A detailed list of all
Linux First impressions of Debian 12 Bookworm: "(Sighs) I don't know why this couldn't have waited until morning, Ken, but here you go." (As "Ken" walks away, Bookworm notices that "he's" wearing high heels) ~ Toy Story 3 ~ The universal operating system Debian 12 Bookworm
Featured What I learned from participating in this year's "Aviation Capture The Flag" in Sofia These boxes represented a 6-hour CTF challenge to 15 teams of the European Aviation stakeholders on 14th to 15th June 2023. As part of one of the stakeholder teams I want to share my experience with this year's challenge. Besides networking with all the other team members each
Penetration Testing Featured Anonymizing NMAP scans Once I wanted to conduct a portscan using NordVPN and I failed. The scan results of nmap didn't match up to the open ports of my webserver. Quickly I realized that the way NordVPN handles my traffic isn't suitable for executing nmap scans at all. I
Certification OSCP notes dump: #CRACK This is my last post covering notes taken during the OSCP exam preparation. Next time I'll cover different topics and I will also focus on the next certification Certified Red Team Operator ("CRTO"). Password cracking is an essential skill for ethical hackers, as it allows them
Certification OSCP notes dump: #PIVOT Welcome to this blog post about pivoting! Pivoting is an essential skill that every professional penetration tester should master. It involves using compromised systems as a jumping-off point to access other systems on the network. In other words, it's a technique for moving laterally within a network to
Certification OSCP notes dump: #PRIVESC-WIN Escalating privileges under Windows taught me a lot about the actual Windows architecture. Try to follow the mindmap from C0nd4 to successfully elevate your rights like in my previous blog post about Linux privilege escalation: GitHub - C0nd4/OSCP-Priv-Esc: Mind maps / flow charts to help with privilege escalation on the OSCP.
Certification OSCP notes dump: #PRIVESC-LIN After the initial compromise of a Linux host the escalation of privileges is necessary to get further access or pivot through the network. I made a lot of notes regarding this larger chapter of the OSCP certification. This useful mindmap from C0nd4 should be the entrypoint: GitHub - C0nd4/OSCP-Priv-Esc:
Certification OSCP notes dump: #POSTEXPLOIT-WIN Attacking the Windows OS as a former Debian Administrator was quite a new challenge for me. However, it is important to dive into the field of Windows exploitation because it is the most used desktop OS worldwide. The following notes are about my OSCP prep for Windows. metasploit framework # list
Certification OSCP notes dump: #EXPLOIT-BUF This time it's all about stack-based buffer overflow exploitation without any protection mechanisms like ASLR or DEP in place. Note that this methodology dates back to the old version of the OSCP certification. Buffer Overflow General methodology mindmap: https://twitter.com/avasdream_/status/1317453876652630018/photo/2 Hints: Bad
OSCP notes dump: #POSTEXPLOIT-SHELL Establishing a stable connection to the target is one of the most important steps before compromising its network. Executing exploits over and over again may trigger the blue team's attention. I made some notes during my OSCP preparation about shells but most of the time I
Certification OSCP notes dump: #EXPLOIT-WEB Another blog post containing various OSCP preparation notes about web-based attacks. As always don't consider these notes to be a complete chapter about OSCP web attacks. LFI # basic LFI scan wfuzz -c -w ./lfi2.txt --hw 0 http://10.10.10.10/nav.php?page=FUZZ # using php:
Certification OSCP notes dump: #RECON This is my first post covering my notes taken during the OSCP preparation. Before continuing my journey of cyber security certifications, I want to store most of my cherry tree into several blog posts. Please don't consider my notes to be a complete resource for the exam. This
Legal (not) running Ghost + Disqus in Germany Running a tech blog in Germany can be quite challenging. Besides all the technical possibilities there are a lot of legal/administrative barriers. I wanted to embed a simple commenting feature at the end of every post of this tech blog. I could have used the built-in functionality from
Linux Featured Project Zomboid Server in Docker Compose (BETA) Usually I don't like to expose infrastructure information but this time I make an exception. Some parts of the code might be changed for privacy reasons though. Before focusing on IT-Security related content I wanted to create a Project Zomboid Gaming Server during xmas holiday season. The code
Linux My experience with the repair of the Linux handheld Steam Deck I got the Steam Deck from Valve in 2022 and have enjoyed playing with it ever since. The concept of a handheld gaming console running Linux and being powerful enough to play most of the games from my Steam library really excites me up to this day. Beside the Steam
SGVsbG8sIFdvcmxkIQ== Hello and welcome to my blog! I am excited to be starting this journey of sharing my knowledge and experiences in the field of offensive security and Linux in general. As a cybersecurity professional with a strong interest in red teaming and pentesting, I hope to provide valuable and informative