I'm Cyrus

With my recent new employment as a graduate penetration tester, my mind now turns to the next major hurdle that any InfoSec consultant must jump to advance their career, certifications. It can be pretty daunting to figure out where to start in the world of security certifications, but luckily I’ve... [Read More]

Tags: OSCP

Getting Started; Included

Containers and PHP Shells

Posted on December 26, 2021

In my quest to polish off all the starting point Hack The Box machines before they get stuck behind a paywall again in January, I moved on to the Included machine. I started off, as is custom, with an nmap scan. # Nmap 7.92 scan initiated Thu Dec 23 19:44:17... [Read More]

Tags: hack-the-box ctf

Advent of Cyber 2021, Days 11-25

My Learnings and Thoughts

Posted on December 25, 2021

Day 11 Today’s challenge involved accessing an MSSQL server and was an activity I ended up learning a fair amount from. The first part of this challenge that was new to me was the MSSQL client used to access the server. sqsh -S {target} -U {user} -P {password} Previously I... [Read More]

Tags: tryhackme ctf

Getting Started; Vaccine

Delving into SQL injection

Posted on December 23, 2021

After booting up the instance I began, as I always do, with an nmap scan using the -sC and -sV options. [Read More]

Tags: hack-the-box ctf

Hackcelerator Major Project Part 1

Setting up my lab

Posted on December 23, 2021

As part of the Privasec (now Sekuro) Hackcelerator program, I was tasked with experimenting with a very basic meterpreter shell in order to identify potential indicators of compromise. To begin, the first thing I needed to do was set up a couple of virtual machines using VirtualBox, one Kali machine... [Read More]

Tags: hackcelerator

Advent of Cyber 2021, Days 1-10

My Learnings and Thoughts

Posted on December 12, 2021

With December once again upon us, I decided to wade into the litany of advent challenges that inevitably fill up my inbox each year. This year, one of the advent activities I chose to take on was TryHackMe’s ‘Advent of Cyber’, a set of 25 beginner level, Christmas-themed CTF challenges... [Read More]

Tags: tryhackme ctf

Getting Started; Oopsie

Return of web security

Posted on November 25, 2021

After having stuggled my way through Archetype, I was pleased to notice that this next box had a greater emphasis on web security, an area where I am much more comfortable. After spinning up the machine I began, as usual, with a fairly basic nmap scan. [Read More]

Tags: hack-the-box ctf

Hackcelerator Minor Project Part 3

Performing Vulnerability Assessments

Posted on November 21, 2021

The Fun Part [Read More]

Tags: hackcelerator

Hackcelerator Minor Project Part 2

Server Hardening

Posted on November 20, 2021

Hardening SSH [Read More]

Tags: hackcelerator

Hackcelerator Minor Project Part 1

Setting Up Wordpress

Posted on November 19, 2021

Getting Logged In [Read More]

Tags: hackcelerator

Steggle Development Part 5

Implementing Read

Posted on March 29, 2021

With the write system proven to work based on my previous experimentation, this week I set about implementing a read system that could take written messages within images and easily decode them for display to the user. My process for collecting data from the image’s bitmap was pretty much the... [Read More]

Tags: steggle dev

Steggle Development Part 4

Implementing Write

Posted on March 24, 2021

With the knowledge and proof of concept gained from last week’s work, I finally set about actually implementing part of my steganography tool. This week I focussed on the write feature and my overall goal was to fully implement it by the end of the week. My first challenge was... [Read More]

Tags: steggle dev

Steggle Development Part 3

Image Manipulation

Posted on March 16, 2021

With all the planning research work out of the way, this week I finally started work on producing the program itself. My primary objective of this week’s work was to produce code that acted as a proof of concept, code that could conclusively show that the solution I have been... [Read More]

Tags: steggle dev

Steggle Development Part 2

Exploring Steganography

Posted on March 13, 2021

My first priority for my project this week was to undertake some research on how exactly messages can be hidden within PNG image data. Throughout my research I have frequently come across a technique known as ‘least significant bit’ steganography, it is generally regarded as the simplest and most straight... [Read More]

Tags: steggle dev

Steggle Development Part 1

Exploring PNGs

Posted on March 3, 2021

In order to understand how to modify a PNG, the first step I knew I needed to take was to learn how exactly a PNG works, how it’s structured and how I can go about changing its raw data. Naturally, my first step was to discover the structure of a... [Read More]

Tags: steggle dev

I'm Cyrus

I'm Cyrus

Greetings!

Most Recent Posts:

Road to OSCP Part 1

In the Beginning...

Getting Started; Included

Containers and PHP Shells

Advent of Cyber 2021, Days 11-25

My Learnings and Thoughts

Getting Started; Vaccine

Delving into SQL injection

Hackcelerator Major Project Part 1

Setting up my lab

Advent of Cyber 2021, Days 1-10

My Learnings and Thoughts

Getting Started; Oopsie

Return of web security

Hackcelerator Minor Project Part 3

Performing Vulnerability Assessments

Hackcelerator Minor Project Part 2

Server Hardening

Hackcelerator Minor Project Part 1

Setting Up Wordpress

Steggle Development Part 5

Implementing Read

Steggle Development Part 4

Implementing Write

Steggle Development Part 3

Image Manipulation

Steggle Development Part 2

Exploring Steganography

Steggle Development Part 1

Exploring PNGs