top of page
Search
Incident Handling with Splunk - THM Series - Phase 1/7 Reconnaissance
This room covers an incident Handling scenario using Splunk.
BlueDolphin
Oct 29, 2023
Tenable Capture the Flag - Web - Cat Viewer
SQL Injection manual (NO AUTOMATION)
BlueDolphin
Aug 13, 2023
Hack the Box - Precious
Engagement flow Summary This machine starts off with some basic web enumeration. The user learns about a web page pdf conversion...
BlueDolphin
Jun 27, 2023
Hack the Box - Soccer
Engagement Flow Summary This is my writeup for the Hack the Box Machine "Soccer". Tools Used whatweb Processes/Techniques Web enumeration...
BlueDolphin
Jun 27, 2023
Hack the Box - Stocker
Engagement Map Enumeration We start off with a casual NMAP scan including the flags for service scanning and version discovery. Initially...
BlueDolphin
Jun 27, 2023
Docker - Analyzing Images Offline
Summary Docker images offer many benefits, they can also present challenges for developers and security professionals who need to...
BlueDolphin
May 7, 2023
Docker Registry Enumeration
Enumerating Docker Registries
BlueDolphin
May 7, 2023
Docker 101
Docker containers are like book chapters while VM's are the entire book.
BlueDolphin
May 7, 2023
Hack the Box - MetaTwo
Engagement Flow Summary This was an amazing lab with a narrow attack surface requiring many steps. The initial portion of the user phase...
BlueDolphin
May 2, 2023
Hack the Box - Trick
Enumeration Summary This machine initially required subdomain enumeration which opened the door for a new attack surface that was...
BlueDolphin
Nov 2, 2022
Linux Hard Disk/Drive - Reference
Hard Disk Layout du -h --max-depth=1 - Total space taken by each directory du -h --max-depth=1 /usr - Total space taken up individually...
BlueDolphin
Oct 12, 2022
Hack the Box - Late
Engagement flow Enumeration We start off with a standard enumeration phase where we have a narrow attack surface. We know this will...
BlueDolphin
Oct 9, 2022
Try Hack Me - Greenbone GVM and OpenVas
Task 1 - Introduction The first task is fairly simple so I will elaborate on OpenVas. The OpenVas project was born in 2005 when the...
BlueDolphin
Aug 17, 2022
Python Poetry - Packaging and dependency management made easy
References: https://python-poetry.org/ https://github.com/python-poetry/poetry https://python-poetry.org/docs/...
BlueDolphin
Aug 12, 2022
Greenbone Vulnerability Management Scanner - New Notus Scanner
References https://www.greenbone.net/en/notus/ https://www.greenbone.net/en/new-vulnerability-scanner-notus/ https://www.greenbone.net/en...
BlueDolphin
Aug 11, 2022
Hack the Box Router Space
Engagement flow Enumeration Port discovery Web enumeration apk download Browsing to the website we see options for a download and a get...
BlueDolphin
Jul 6, 2022
Hack the Box - Undetected
PHP, RCE, Reversing, File System, Forensics, Attacks/Weak Password, Attacks/Backdoor
BlueDolphin
Jul 6, 2022
Hack the Box - Paper
#Wordpress #CMSExploit #LFI
#CVE
BlueDolphin
Jun 20, 2022
Boss of the Soc - Splunk
Pre-amble The focus of this hands on lab will be an APT scenario and a ransomware scenario. You assume the persona of Alice Bluebird, the...
BlueDolphin
Jun 18, 2022
Tenable CTF 2022 - Forensics
These are my writeups for the tenable CTF Forensic category. This challenge presents us with a pdf document containing redacted...
BlueDolphin
Jun 14, 2022
Google CTF - Beginner Quest Part 1
Welcome Google will run the 2021 CTF competition in two parts: an online jeopardy-CTF competition, and second contest open only to the...
BlueDolphin
Jun 11, 2022
Hack the Box - Meta
Topics: Python, CVE, Sudo Exploitation, sub domain enumeration, Exiftool, file upload, ssh keys, pspy, custom script, image magick,
BlueDolphin
Jun 11, 2022
Hack the Box - Pandora
#PHP #CMS Exploit #SQLi #CVE #SUID #SQL #RCE
BlueDolphin
May 28, 2022
Hack the Box - Secret
Javascript, Source Code Review, Git, Weak Authentication, OS Command Injection, SUID, Auth failure.
BlueDolphin
May 8, 2022
bottom of page