Donald Ashdown
Managed Services vs Project Work?
"Managed services are like having a reliable IT butler at your beck and call, while project work is like hiring a tech mercenary for a...
top of page
Cyber Blog​
Search
Donald Ashdown
- Nov 2, 2022
Hack the Box - Trick
Enumeration Summary This machine initially required subdomain enumeration which opened the door for a new attack surface that was...
Donald Ashdown
- Oct 12, 2022
Linux Hard Disk/Drive - Reference
Hard Disk Layout du -h --max-depth=1 - Total space taken by each directory du -h --max-depth=1 /usr - Total space taken up individually...
Donald Ashdown
- Oct 9, 2022
Hack the Box - Late
Engagement flow Enumeration We start off with a standard enumeration phase where we have a narrow attack surface. We know this will...
Donald Ashdown
- Aug 17, 2022
Try Hack Me - Greenbone GVM and OpenVas
Task 1 - Introduction The first task is fairly simple so I will elaborate on OpenVas. The OpenVas project was born in 2005 when the...
Donald Ashdown
- Aug 13, 2022
Python Poetry - Packaging and dependency management made easy
References: https://python-poetry.org/ https://github.com/python-poetry/poetry https://python-poetry.org/docs/...
Donald Ashdown
- Aug 12, 2022
Greenbone Vulnerability Management Scanner - New Notus Scanner
References https://www.greenbone.net/en/notus/ https://www.greenbone.net/en/new-vulnerability-scanner-notus/ https://www.greenbone.net/en...
Donald Ashdown
- Jul 6, 2022
Hack the Box Router Space
Engagement flow Enumeration Port discovery Web enumeration apk download Browsing to the website we see options for a download and a get...
Donald Ashdown
- Jul 6, 2022
Hack the Box - Undetected
PHP, RCE, Reversing, File System, Forensics, Attacks/Weak Password, Attacks/Backdoor
Donald Ashdown
- Jun 20, 2022
Hack the Box - Paper
#Wordpress #CMSExploit #LFI
#CVE
Donald Ashdown
- Jun 19, 2022
Boss of the Soc - Splunk
Pre-amble The focus of this hands on lab will be an APT scenario and a ransomware scenario. You assume the persona of Alice Bluebird, the...
Donald Ashdown
- Jun 14, 2022
Tenable CTF 2022 - Forensics
These are my writeups for the tenable CTF Forensic category. This challenge presents us with a pdf document containing redacted...
Donald Ashdown
- Jun 11, 2022
Google CTF - Beginner Quest Part 1
Welcome Google will run the 2021 CTF competition in two parts: an online jeopardy-CTF competition, and second contest open only to the...
Donald Ashdown
- Jun 11, 2022
Hack the Box - Meta
Topics: Python, CVE, Sudo Exploitation, sub domain enumeration, Exiftool, file upload, ssh keys, pspy, custom script, image magick,
Donald Ashdown
- May 28, 2022
Hack the Box - Pandora
#PHP #CMS Exploit #SQLi #CVE #SUID #SQL #RCE
Donald Ashdown
- May 8, 2022
Hack the Box - Secret
Javascript, Source Code Review, Git, Weak Authentication, OS Command Injection, SUID, Auth failure.
Donald Ashdown
- Apr 25, 2022
Cyber Defenders - Malware Traffic Analysis 1
The attached PCAP belongs to an Exploitation Kit infection. Analyze it using your favorite tool and answer the challenge questions....
Donald Ashdown
- Apr 23, 2022
Hack the Box - BackDoor
Work flow Summary Another easy machine that required several twists and turn along the way to root. Starting off with a narrow attack...
Donald Ashdown
- Apr 13, 2022
CyberDefenders - HawkEye - PCap Forensics
Scenario: An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was obs
Donald Ashdown
- Apr 9, 2022
Hack the Box - Devzat
Docker, API, CVE, RCE, Golang, Source Code Review, Git abuse, LFI, cmd injection.
Donald Ashdown
- Mar 21, 2022
Hack the Box - Driver
SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.
Donald Ashdown
- Feb 21, 2022
Hack the Box - Horizontall
Linux, CMS Exploit, Strapi, Laravel, Outdated Software, CVE, Injection, RCE, Account Misconfiguration, Port forwarding (ssh),
Donald Ashdown
- Feb 9, 2022
SANS KringleCon Challenge 7
Printer nightmare exploitation by hand!
Donald Ashdown
- Feb 5, 2022
SANS KringleCon Objective 6
All about assembly language!
bottom of page