AttackDefense - Cracking Hashcat Guide

AttackDefense is a new site with all sorts of awesome labs and CTFs for training. Best of all: the site is free. In this guide, I’ll detail how to complete the “Cracking MD5 Hashes” lab, though this strategy should work for most labs in the “Hashcat All” section. If you are unfamiliar with Hashcat, I’d strongly recommend reading the wiki or following Youtube tutorials elsewhere before trying this challenge.

Cyber Security Summit 2018 Highlights

I was fortunate enough to attend the 2018 Cyber Security Summit in Minneapolis, MN. Here I’ve tried to summarize each talk I attended into a small, digestible format, mostly written in their voices. Student Breakfast By: Ryan Aniol - State of Minnesota This was a super informative informal breakfast hosted by Ryan who aimed the talk at the students like myself. It was really nice to hear information directly relevant to my situation.

HackTheBox 'Poison' - Own User Guide

Note: If you are currently trying to get access to this box, I highly recommend you try it yourself first and only use this guide if you really are stuck. Intro Now that the Poison box is retired on hackthebox, we can talk publicly about how to gain access to this machine. While this machine was active, I only took the time to gain user access, not all the way to root.

Running Oracle 12c on MacOS

In this post, we will go through the steps of installing Oracle 12c in a Docker container and connect to the database using SQL Developer on a Mac. This is a much lighter way of running Oracle locally compared to running a full Windows virtual machine with VMWare or Virtualbox. 1. Install Docker - If your Mac is newer than 2010 You can simply install “Docker for Mac”. Download and install “Docker for Mac” from here (You’ll have to create a quick account to download it.

Electroneum - First Impressions

A coworker recently sent me a link to Yet Another Cryptocurrency. Like most people, I’m pretty burnt out with all these new coins and ICO’s popping up each week. In fact, I get about 5-10 ICO spam emails in my Junk mail folder. This one looked to be just a little different, though. He was excited because this one allows you to use your phone to mine. I talked to him about how it’s a neat idea, but ultimately probably won’t be profitable, especially compare to a multi-GPU setup.

2017 Cyber Security Summit

Student Breakfast - MN IT Services w/ Chris Buse $400M budget for MNIT 0% unemployment rate MNIT wants to train/develop IT skills. Everyones wants skilled people but no one wants to train Lots of operational jobs Looking for interns with lots of general skills Flexible hours/locations Q/A with Chris “Are certifications worth it?” “Focus on certs, even though I don’t think they’re very useful. They’re mostly just to get passed HR.

WiFi Security Testing Cheatsheet

Prepare Wireless Card View Network Cards: iwconfig Kill Wireless Processes: airmon-ng check kill View Networks airodump-ng wlan0 Capture traffic airodump-ng --bssid 04:A1:51:9F:98:BB --wps --write ISSO-WPA2 --channel 6 wlan0 where: --bssid - MAC of router --wps - Output WPS information, may be able to try Reaver --write - File name to write to. No extension --channel - Statically set a channel. Don't need to unless de-authing wlan0 - Wireless interface Deauth - Do while capturing aireplay-ng --deauth 0 -a 04:A1:51:9F:11:11 -c E0:AC:CB:DA:1B:1B wlan0 where: 0 - Continuously send deauth packets -a - BSSID of router (from airodump) -c - STATION of client (From airodump.

Why I switched from Android to iOS

Note: This article is not just a stringent comparison of Apple vs Android, but a look at the whole picture that I took while deciding which phone to switch to. A few months ago, my beloved Verizon HTC One M8 began to lose it’s charge at an alarming rate. It would be at 40% battery by lunch time after a day of very moderate use. Luckily, I was due for an upgrade from Verizon.

Allow a Chromecast through a WatchGuard firewall

Background I recently picked up a Chromecast for my TV so I could stream Netflix easier since XBMC’s addon is terrible if you don’t want to use a keyboard. It was super easy to setup, but after it updated and connected to my WiFi I couldn’t see it from my phone. I did some digging and found that my WatchGuard 25W was the culprit. After I added an any-any rule I was able to see it, but that left it wide-open on my network.

Fix “Some settings are managed by your system administrator” in Windows 7

Background A few months back, I was doing cleanup on a system that I had cleaned of malware. Whatever junk was on there had configured a local proxy server to run, but Malwarebytes had ripped it out. The system unfortunately still thought it was supposed to use the proxy server that doesn’t exist; consequently, I had no internet access. That’s an easy enough fix, right? I open Internet Options and change the LAN settings to not use a proxy and close it.