Sunday, March 22, 2020

Monday, January 13, 2020

SANS Holiday Hack Challenge: KringleCon 2019

This was the first year I participated in Kringlecon, and I was really impressed with how well made it was. With a variety of challenges exploring different aspects of information security, both in the realm of penetration testing and blue team techniques, and a range of difficulties, it made for a CTF event that was accessible to all. Paired with...

Saturday, September 21, 2019

The Time I Chased a Cab (File): Zip Slip and Certificate Cloning

While doing research for a pretty large and complicated thick client assessment recently, I ended up diving down a rabbit hole involving cabinet files (.cab) as I noticed the application performing some interesting sequential functions. In a nutshell, the application would do the following with elevated processes: Retrieve a cab file Extract the...

Monday, August 12, 2019

Recon Village CTF @ Defcon 27

My CTF team, Neutrino Cannon, participated in the Recon Village CTF at Defcon 27 once again for the third year in a row, and as the saying goes "the third time is the charm" as we managed to finish in first place. We dedicated almost all of our time at Defcon to the CTF, and the team's unwavering focus to complete challenges locked in the victory. There...
Powered by Blogger.