Using Linux Containers can significantly improve deployment times to make customized instances of a system. For instance, you may want to create 10 unique instances of a system for training purposes, but don’t want to run custom code on each when it starts to generate key material, assign users, etc. Using Linux Containers can make that simple, but unfortunately it’s not always so simple to create that custom image for deployment. This post is going to cover the start to finish customization of an image (in this case, using Kali Linux) from the base image to one that can deploy in a non-privileged virtualization platform (in this case, Proxmox VE). Let’s get started!Continue reading “Custom Proxmox VE LXC Images”
Have you ever wanted to get into hardware hacking as well as offensive security, but didn’t know how to get started? Good news! For a recent meeting of the Pittsburgh Hacker’s Association I put together a presentation on how to setup the standard box I use for almost everything. It’s a dual-boot system with both Ubuntu and Kali, a shared data partition, and all the tools you could ever need pre-configured and installed. If you want to get started, just grab the PDF and get going!
Good hunting! 🙂
There’s a designer named Bradán Lane who makes some excellent hardware, and one of my favorite things he’s created is a set of challenge coin circuits. I won’t go into too much detail on them other than to note they have a fun story line, a series of challenges, and you have to exercise some basic hardware hacking skills to participate. If you’d like more details, please check out the listing for the coin on Tindie. But what if you don’t know how to get started? Well, a friend of mine (Visual) and I recently played through this, and thought we’d document how to get started for anyone who needs a little extra help. Let’s get started!Continue reading “Starting the 2020 eChallenge Coin Redux”
Maybe you’ve decided that you want to close down your old computer that was running a Lightning network node, but you haven’t decided to stop using Bitcoin. Maybe you just need to pay for an unexpected expense. Maybe anything. The question becomes: How do you take the BTC you currently have linked into a Lightning wallet and shoot it back off to a Bitcoin main wallet? I didn’t find that readily available anywhere and clearly listed, so here you go. 🙂Continue reading “Closing out Lightning to Bitcoin”
Okay, so this is the post that kickstarted me to return to StackAttack… because I’ll probably forget all of this in a week, and I want a reference. In short, the goal is:
- Setup a full Bitcoin core node
- Setup the Lightning Network Daemon
- Make it all work over Tor
Let’s dive in, shall we? 🙂Continue reading “Bitcoin Node + Lightning Network + Tor”
No matter how you slice it, I’ve been a bum. I’ve been working on a ton of things, but haven’t been sharing. That’s, well, not great. I intended to share, but haven’t been doing it.
Best of intentions. Best of bullsh*t.
So let’s start again, shall we? 🙂
Need a quick list of things to attack? Try these. 🙂
- Buggy Web App: http://www.itsecgames.com/
- Damn Vulnerable iOS App: http://damnvulnerableiosapp.com/
- Damn Vulnerable Web Application: http://www.dvwa.co.uk/
- Damn Vulnerable Web Services: http://dvws.professionallyevil.com/
- Google Gruyere Web App: http://google-gruyere.appspot.com/
- Hack This!: https://www.hackthis.co.uk/
- Hack This Site: https://www.hackthissite.org/
I recently had cause to make some training on how to get and perform some basic operations using BurpSuite, so I thought I’d share here. As always, feel free to use as you’d like. 🙂
Part three of the DerbyCon DomainTools CTF write-ups. You can find coverage of all the Crypto challenges here and coverage of all the Forensics challenges here. This finishes up the solutions for every challenge in the CTF, broken up by the same section names that they used. When possible, I’ll also be creating CyberChef recipes to directly solve each challenge, and linking to them following the solution description. Let’s get started!