Got slow portscans on CTF’s?

Aaaaaargh, my port scan take forever to complete! Heard that one before? You should have, it is a common complaint often heard between CTF rookies. Today we are looking into some ways to mitigate slow scans. Nmap When looking at the various complaints, Nmap seem to be the culprit. Gamers bash it for being slow […]

Read More Got slow portscans on CTF’s?

Trollcave 1.2 – walkthrough

Trollcave is a vulnerable VM, in the tradition of Vulnhub and infosec wargames in general. You start with a virtual machine which you know nothing about – no usernames, no passwords, just what you can see on the network. In this instance, you’ll see a simple community blogging website with a bunch of users. From […]

Read More Trollcave 1.2 – walkthrough

Notes on making CTF games

Some time ago I wrote a post named “unofficial guide to creating CTF VMs“. Since then I have been approached by random people, students I mentor and colleagues asking how to make that virtual machine vulnerable. Well, I never intended that post to reveal that. It was simply left as an exercise to the readers. Today I […]

Read More Notes on making CTF games

Zico2:1 – walkthrough

Description from Vulnhub: Zico is trying to build his website but is having some trouble in choosing what CMS to use. After some tries on a few popular ones, he decided to build his own. Was that a good idea? Host discovery As always, I went hunting for the target: IPv Address IPv4 192.168.110.28 IPv6 […]

Read More Zico2:1 – walkthrough

Bulldog 1 – walkthrough

Description from Vulnhub: “Bulldog Industries recently had its website defaced and owned by the malicious German Shepherd Hack Team. Could this mean there are more vulnerabilities to exploit? Why don’t you find out? 🙂 This is a standard Boot-to-Root. Your only goal is to get into the root directory and see the congratulatory message, how […]

Read More Bulldog 1 – walkthrough

billu b0x – walkthrough

Welcome to another segment in my Vulnhub series! Today I am focusing on the billu: b0x CTF game hosted on Vulnhub. The game description didn’t say much, just that it runs standard LAMPP and the mission is to gain ROOT access. Well, then – let’s get cracking! Investigation Finding Target and Services Finding the Target: […]

Read More billu b0x – walkthrough

Proteus V1 – Walkthrough

Welcome to another segment in my Vulnhub series! Haven’t had much time to focus on these lately due to work – but I managed to squeeze in some time over the last few weeks to play with the Proteus game. So here it is! Description from Vulnhub: “An IT Company implemented a new malware analysis […]

Read More Proteus V1 – Walkthrough