top of page

Search


Docker - Analyzing Images Offline
Summary Docker images offer many benefits, they can also present challenges for developers and security professionals who need to...
BlueDolphin
May 7, 2023


Docker Registry Enumeration
Enumerating Docker Registries
BlueDolphin
May 7, 2023


Docker 101
Docker containers are like book chapters while VM's are the entire book.
BlueDolphin
May 7, 2023


Hack the Box - MetaTwo
Engagement Flow Summary This was an amazing lab with a narrow attack surface requiring many steps. The initial portion of the user phase...
BlueDolphin
May 3, 2023


Hack the Box - Trick
Enumeration Summary This machine initially required subdomain enumeration which opened the door for a new attack surface that was...
BlueDolphin
Nov 2, 2022


Linux Hard Disk/Drive - Reference
Hard Disk Layout du -h --max-depth=1 - Total space taken by each directory du -h --max-depth=1 /usr - Total space taken up individually...
BlueDolphin
Oct 12, 2022


Hack the Box - Late
Engagement flow Enumeration We start off with a standard enumeration phase where we have a narrow attack surface. We know this will...
BlueDolphin
Oct 9, 2022


Try Hack Me - Greenbone GVM and OpenVas
Task 1 - Introduction The first task is fairly simple so I will elaborate on OpenVas. The OpenVas project was born in 2005 when the...
BlueDolphin
Aug 17, 2022


Python Poetry - Packaging and dependency management made easy
References: https://python-poetry.org/ https://github.com/python-poetry/poetry https://python-poetry.org/docs/...
BlueDolphin
Aug 13, 2022


Greenbone Vulnerability Management Scanner - New Notus Scanner
References https://www.greenbone.net/en/notus/ https://www.greenbone.net/en/new-vulnerability-scanner-notus/ https://www.greenbone.net/en...
BlueDolphin
Aug 12, 2022


Hack the Box Router Space
Engagement flow Enumeration Port discovery Web enumeration apk download Browsing to the website we see options for a download and a get...
BlueDolphin
Jul 6, 2022


Hack the Box - Undetected
PHP, RCE, Reversing, File System, Forensics, Attacks/Weak Password, Attacks/Backdoor
BlueDolphin
Jul 6, 2022


Hack the Box - Paper
#Wordpress #CMSExploit #LFI
#CVE
BlueDolphin
Jun 20, 2022


Boss of the Soc - Splunk
Pre-amble The focus of this hands on lab will be an APT scenario and a ransomware scenario. You assume the persona of Alice Bluebird, the...
BlueDolphin
Jun 19, 2022


Tenable CTF 2022 - Forensics
These are my writeups for the tenable CTF Forensic category. This challenge presents us with a pdf document containing redacted...
BlueDolphin
Jun 14, 2022


Google CTF - Beginner Quest Part 1
Welcome Google will run the 2021 CTF competition in two parts: an online jeopardy-CTF competition, and second contest open only to the...
BlueDolphin
Jun 11, 2022


Hack the Box - Meta
Topics: Python, CVE, Sudo Exploitation, sub domain enumeration, Exiftool, file upload, ssh keys, pspy, custom script, image magick,
BlueDolphin
Jun 11, 2022


Hack the Box - Pandora
#PHP #CMS Exploit #SQLi #CVE #SUID #SQL #RCE
BlueDolphin
May 28, 2022


Hack the Box - Secret
Javascript, Source Code Review, Git, Weak Authentication, OS Command Injection, SUID, Auth failure.
BlueDolphin
May 8, 2022


Cyber Defenders - Malware Traffic Analysis 1
The attached PCAP belongs to an Exploitation Kit infection. Analyze it using your favorite tool and answer the challenge questions....
BlueDolphin
Apr 25, 2022


Hack the Box - BackDoor
Work flow Summary Another easy machine that required several twists and turn along the way to root. Starting off with a narrow attack...
BlueDolphin
Apr 23, 2022


CyberDefenders - HawkEye - PCap Forensics
Scenario: An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was obs
BlueDolphin
Apr 13, 2022


Hack the Box - Devzat
Docker, API, CVE, RCE, Golang, Source Code Review, Git abuse, LFI, cmd injection.
BlueDolphin
Apr 9, 2022


Hack the Box - Driver
SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.
BlueDolphin
Mar 21, 2022
bottom of page