Posts
27 Aug 2025
Self Hosted VPN with Wireguard
Regarding Privacy and Anonymity: A self-hosted VPN protects against local network threats, such as the classic public Wi-Fi in a coffee shop scenario or ISP snooping, but that does not make you anonymous, and it does not make your traffic entirely private either. Your server hosting provider (e.g. AWS, Hetzner, DigitalOcean) has the same level of visibility into your traffic as an ISP would once it leaves the tunnel (destination IPs, hostnames, packet timing, sizes), but not page contents, assuming HTTPS traffic.
21 Aug 2025
Splunk - Boss Of the SOC version 1
I just finished the original Boss of the SOC (BOTS) Version 1, scoring 15,224 points. The challenge emphasizes the importance of using Splunk’s capabilities to analyze and interpret security data. https://bots.splunk.com/ I don’t have a fully structured writeup this time, because I felt a bit pressured by the four-hour timer, but the experience itself was immensely valuable. The challenge is made up of two scenarios: Web Site Defacement – figuring out whether the personal blog of Wayne Enterprises’ CEO had been compromised.
15 Aug 2025
“Strutted” is a medium-difficulty Linux machine on HackTheBox that centers on the exploitation of a web application. The initial foothold is gained by exploring an unusual feature of the web server: a downloadable archive of the application’s source code. This archive serves as a crucial piece of intelligence, containing leaked credentials and revealing the use of a vulnerable Apache Struts framework. The path to a user shell involves exploiting a known file upload vulnerability within the Struts framework, which allows a malicious web shell to be executed on the server.
11 Aug 2025
As a fast-growing startup, Forela has been utilising a business management platform. Unfortunately, our documentation is scarce, and our administrators aren’t the most security-aware. As our new security provider we’d like you to have a look at some PCAP and log data we have exported to confirm if we have (or have not) been compromised.
Challenge Overview
CTF Name: Meerkat
Category: Sherlock - SOC
Active/Retired (at pwn): Retired
Difficulty: [3] Easy
Author: sebh24
Date Released: 13 Nov 2023
Date Completed: 11 Aug 2025
CTF Link: https://app.
5 Aug 2025
HackTheBox - Allegretto [DFIR][Post Available Upon Challenge Retirement]
We have been conducting surveillance on a suspected drug dealer known as Shadow. Recently, we obtained intelligence regarding his location, which led us to a flat in London. Upon executing a raid, we encountered a violent situation resulting in multiple casualties. During the operation, Shadow attempted to delete critical information from his computer to evade capture. However, we successfully apprehended him before he could cause significant damage. We have since recovered important files from his computer and would like you to analyze this data to determine his activities.
29 Jul 2025
Happy Grunwald contacted the sysadmin, Alonzo, because of issues he had downloading the latest version of Microsoft Office. He had received an email saying he needed to update, and clicked the link to do it. He reported that he visited the website and solved a captcha, but no Office download page came back. Alonzo, who himself was bombarded with phishing attacks last year and was now aware of attacker tactics, immediately notified the security team to isolate the machine as he suspected an attack.
13 Jul 2025
HackTheBox - The Last Dance [Crypto][Post Available Upon Challenge Retirement]
To be accepted into the upper class of the Berford Empire, you had to attend the annual Cha-Cha Ball at the High Court. Little did you know that among the many aristocrats invited, you would find a burned enemy spy. Your goal quickly became to capture him, which you succeeded in doing after putting something in his drink. Many hours passed in your agency’s interrogation room, and you eventually learned important information about the enemy agency’s secret communications.
12 Jul 2025
The target is a Linux-based virtual machine hosting a web application (Nibbleblog CMS) with known vulnerabilities. The goal is to gain initial access by leveraging an unrestricted file upload vulnerability in a plugin, then escalate privileges to root by abusing sudo permissions on a local script. This walkthrough covers detailed enumeration, web content analysis, reverse shell exploitation, and privilege escalation through misconfigured sudo scripts, concluding with the capture of both user and root flags.
11 Jul 2025
This machine is a Linux-based challenge that tests a player’s ability to exploit exposed development artifacts and misconfigurations in a CMS. The initial foothold involves discovering an exposed .git directory, reconstructing the Git repository, and identifying the use of a vulnerable version of Backdrop CMS. Exploiting this vulnerability enables authenticated remote code execution, leading to a low-privileged shell. Privilege escalation is achieved by abusing a cron-executed script or insecure module running as root, typically by injecting malicious code into a file or module that the system executes with elevated privileges.
9 Jul 2025
HackTheBox - NeuroSync-D [DFIR]
NeuroSync™ is a leading suite of products focusing on developing cutting-edge medical BCI devices, designed by the Korosaki Corporation. Recently, an APT group targeted them and was able to infiltrate their infrastructure and is now moving laterally to compromise more systems. It appears that they have even managed to hijack a large number of online devices by exploiting an N-day vulnerability. Your task is to find out how they were able to compromise the infrastructure and understand how to secure it.
22 Jan 2025
Entropy is a concept borrowed from thermodynamics and statistical mechanics, but it’s widely used in various fields, including information theory and cryptography. In simple terms, entropy refers to the measure of randomness or uncertainty in a system. In the context of cryptography, Shannon entropy is important, because it helps in understanding the randomness of data. A very practical use of this is to discern between encrypted and plaintext data. The higher the entropy, the more unpredictable the data is, and consequently it’s harder to predict the next element in the sequence.
14 Aug 2024
I created this space to share and reinforce my knowledge, and perhaps entertain you along the way. I tend to keep things simple, though I will not miss any important details when needed. Hopefully, you will find at least something useful along the way. My posts will mostly cover topics like Linux, cryptography, cybersecurity, and of course there’s going to be at least a little bit of programming involved. However, I’m always open to exploring new areas too.