HTB Starting Point: Mongod

- 5 mins read

Series: Starting Point

Getting Familiar with MongoDB Moving onto our next Starting Point machine we have this bad boy. A quick look at the tasks associated with guy shows that we’re going to need to be brushing up on our MongoDB knowledge. Truthfully, I don’t have a ton of experience with this so this will be good for all of us. After connecting to HTB’s environment through either their pwnbox or OpenVPN let’s go ahead and spawn our target and then get started with this first task.

HTB Starting Point: Synced

- 4 mins read

Series: Starting Point

Rsync is a Pretty Important Tool Hey there and welcome to the final box under HTB’s Starting Point Tier 01 Yayyyy (this took me way too long). Anyhow, todays box is going to be going over the usage of a tool called rsync which is another file transfer tool, but a very powerful one. Frequently used by sys admins and what not to perform system backups and things of that nature.

Hack the Box: Nibbles Walkthrough

- 8 mins read
Port Scanning For this box, we know it’s a Linux box and it has a web server of some kind. Let’s perform some emumeration and start off with an nmap scan. Run the command nmap -sV --open -oA nibbles_initial_scan <target_ip> this will perform a full version scan on the target, only returning output for open ports and will output everything to the initial scan file. the .nmap file is the same as stndout and the other two are formatted for potential other operations

HTB Academy: Windows Fundamentals

- 5 mins read
Now in the past, I’ve gone on the record saying that I don’t like covering Academy content and that’s still true. I will do it however if one of two conditions are met, I think it’s hard and there’s not a lot of resources on the topic. Or if I personally suck at it and this one is definitely the latter as my Windows sysadmin skills are not great. With that being said, feel free to join me as I quick work on the Skills Assessment portion of the HTB Academy Windows Fundamentals module.

Preignition

- 3 mins read

Series: Starting Point

Looks like for this box we’re going to be using Gobuster to do some web directory brute forcing shenanigans. After starting our Pwnbox and letting our instance spawn in we’re going to address the first task. Task 1 Dir busting is the other name for directory brute forcing, so that’s that. Task 2 That’s going to be the -sV flag in order to tell Nmap to do version detection (as we’ll see later).

Meerkat

- 10 mins read
HackTheBox Sherlocks: Meerkat Walkthrough Hello everyone and welcome to my first Sherlock writeup! I’ve done a few other HTB writeups before, but we’re going to start doing a few more of their Sherlock challenges. With the Holmes CTF fast approaching I figured this was a good time for all of us to brush up on our blue teams skills and start doing some investigating. What Are Sherlocks? Sherlocks are a HacktheBox (HTB) challenge type that more so revolve around digital forensics, network traffic analysis, malware analysis and so on.

Making Your Own Cybersecurity Website

- 16 mins read
Why You Should Make a Website Honestly, I think everyone should think about making a website, even if you’re not really into cyber or IT in general. It’s a fun little project, a great creative outlet and honestly, I think it’s good to decentralize the internet a little bit. Enough about that, why should you as a (presumably) security enthusiast go through the trouble of setting up your own web server instead of using Google Sites or some website builder.