
Cybersecurity & IT Masters student. Forever curious; ask the questions, follow the trail, and #ShareTheKnowledge

Capture the flag with TryHackMe and HackTheBox

In December 2019 I read a Tweet calling for participants in an “upcoming 24 hour CTF”. Most infosec Tweets with lots of acronyms usually go over my head, and this one should not have been any different, except for the gigantic flamingo plastered on it.

Needless to say, I took notice and started ferociously DuckDuckGo-ing to find what this flamingo-related CTF thing was. I wanted to be part of it. Capture What Flag?

Are you a first time participant?

Trace Labs Initiative by TraceLabs

Trace Labs

Trace Labs is a Not-For-Profit organization with a mission to crowdsource the collection of Open Source Intelligence (OSINT) to generate new leads on missing persons cases.

Trace Labs' fundamental goal is to provide open-source intelligence (OSINT) to law enforcement, gathered at regular OSINT operations and via non-theoretical CTF (Capture the Flag) events.

Getting Started

Got the ticket, accessed the Slack Channel, the event is approaching. Now what?

Prior to the event it is important to understand the scope, the do’s and don’ts, and the scoring system, all of which can be found in the Contestant Guide. Moreover, if you are a first…

Port scanning, ping sweeps, OS detection, version detection, and more.

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. It uses raw IP packets to determine what hosts, services, operating systems, and type of packet filters/firewalls are in use and available in the network as well as dozens of other characteristics. Nmap runs on all major computer operating systems in a classic command-line executable, or GUI — Zenmap.

Essentially, Nmap is a network scanning application that is used to identify network-connected devices and provide information about their running services and operating systems. …

Exploiting Windows and Privilege Escalation

Deploy & hack into a Windows machine, exploiting a very poorly secured media server.

Tools: Nmap, Metasploit, Mimikatz

#1 Connect

Connect to the network using OpenVPN or access it using the in-browser machine provided by THM (membership required) ~ Detailed steps >>Here<<

#2 Recon — What can we find out about this machine?

Deploy the machine!

It worked for me, it might work for you too.

CompTIA Security+ is a certification that aims to establish the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs.

The information security field has a vast range of certificates; some are industry-specific, others depend on the career path chosen. However, one aspect common to all certificates is that they require some form of preparation and study.

CompTIA Certification Road Map

CompTIA A+, CompTIA Network+, and CompTIA Security+ are often advised as the foundational certificates for a career in both IT and information security. …

Engineering my first CTF challenge!

HilltopCTF is a team-based public CTF hosted by Security Blue Team which focuses on jeopardy-style challenges with increasing levels of difficulty. The CTF is aimed at anyone from novice to medium-high level experience, as challenges are varied and require a combination of resources and methodologies to be completed.

If you are familiar with my journey into the field of information security (Journey here!), you know that HilltopCTF holds many “firsts” in my books: my first live CTF, first time using GitHub, first time using John the Ripper, and first time placing top five in a CTF competition —…

An experience worth repeating!

Trace Labs is designed to serve as a tool for enhancing the state of missing persons location and family reunification.

Trace Labs offers a modern, cost-effective, and accessible approach to an issue that has broken many families. Their fundamental goal is to provide open-source intelligence (OSINT) to law enforcement, gathered at regular OSINT operations and via information security conference CTF (Capture the Flag) events.

This OSINT CTF is non-theoretical, where contestants work to crowdsource the OSINT set in teams of up to four members that can ultimately generate new leads on missing persons. In comparison to the conventional technical…

“Learn security, test your knowledge, prove your skill” -SBT


Getting started in the field of information technology is a daunting challenge which is often exacerbated by the infinite amount of resources available to several divisions in the field on any topic. There’s one thing, though, that stays true irrespective of the direction you want to take: everyone has a starting point.

To some fortunate people, this starting point came when they were very young and had their hands on their first computer, they just knew that computers were it; but for many of us, the truth is, the journey has taken us many places before we find ourselves in…

Continuous Cycle

The aim of the incident response team is to minimize the amount of harm incurred after a security breach has occurred by trying to mitigate the loss of data, such as intellectual property, personal information or other sensitive private data. One of the main areas of incident management is malware analysis.

Malware analysis helps responders understand the scope of a malware-based incident and identify other hosts or systems that may be affected; this is not limited to a single network, as certain malware will move easily from one end-system to another. …

A computer, inside of your computer?

A hypervisor is computer software or hardware that allows you to host one or more virtual machines by using a single piece of computer hardware.

Hypervisors are divided into two types:

Type I is also known as “Bare Metal” and it is mounted directly on the hardware. This form of hypervisor does not require an operating system to be running on the hardware, hence the nickname “bare metal”.

Type II hypervisors are the most widely found in the general public. This type is software such as VirtualBox or VMware mounted on a machine that already has an operating…

