Posts

I have started hosting a webserver with ZERO aviability entirely in the kernel. This webpage also includes the capabilities to take any input and put it in the RIP pointer, which will likely bluescreen the webpage. As a result, a button was attached to power cycle this computer. Github project is avilable here, with a short video showing where it is functional. It may not be functional now! There are many scripts that allow this to work. https://github.com/nasawyer7/ripme ...

I began studying for the HTB CDSA (Certified Defensive Security Analyst) exam shortly after completing the CPTS. HTB has proven again and again to be a worthwhile time investment and a quick way to learn. Again, there’s no reason to detail what the exam is. No idea why so many other blog posters do this useless action. I completed 19/20 technical questions of the first incident within the first 8 hours. I never found the last flag; this one will forever haunt me. I was able to write the majority of the report for this section within the second day. It took me another 8 hours to finish finding evidence on the second attack. It took about another 5 hours to finish that report, and I submitted my test with 3 days and 20 hours to spare. The report spanned 49 pages, using the syspreptor template. ...

Recently, I started studying for the CDSA exam, which involves the use of ELK to solve challenges. HTB also created a track to help students prepare for the CDSA exam, featuring 11 challenges. That track is linked here In this post, I will show how to easily ingest and solve one of these challenges using the ELK stack. Preparation To set up elk, I used this wonderful docker elk github available here ...

In this post, I will cover completing easy sherlocks with splunk. I haven’t seen many posts covering the tactics they use to ingest sherlocks using splunk, and the posts I have seen for ‘walkthroughs’ offer no reasoning. It’s pretty clear many sherlock writeups just paraphrase from the HTB solution pdf. So, in this post, I will first go over how I ingest data into splunk, then I will cover how I solve two sherlocks. This focuses on windows event logs. ...

I started studying for the CPTS with no real experience in offensive cybersecurity around December 2024. This was during my sophomore year in college, so I was unable to complete this certification very fast. I worked at it off and on. I eventually completed all of the work around June. I studied for most of July, and took the test at the beginning of August. I got lucky, and got my results back in 6 days. ...