Recently, I received a message from a very concerned customer. He was afraid of a mailbox breach on one of their email servers. Some of his clients had receive email messages on behalf of his compa...

How do you recognize spoofed email?

Hack The Box Write-Up TheNotebook - 10.10.10.230
A bug is never just a mistake. It represents something bigger. An error of thinking. That makes you who you are. Elliot Alderson (Mr. Robot) About TheNotebook In this post, I’m writing a w...

Hack The Box Write-Up ServMon - 10.10.10.184
Monitoring is not protection. Myself About ServMon In this post, I’m writing a write-up for the machine ServMon from Hack The Box. Hack The Box is an online platform to train your ethical ...

Hack The Box Write-Up Cascade - 10.10.10.182
Your most unhappy customers are your greatest source of learning. Bill Gates About Cascade In this post, I’m writing a write-up for the machine Cascade from Hack The Box. Hack The Box is a...

Hack The Box Write-Up Remote – 10.10.10.180
It doesn’t matter how many times you get knocked down. All that matters is you get up one more time than you were knocked down. Roy T. Bennett About Remote In this post, I’m writing a writ...

Hack The Box Write-Up Traceback – 10.10.10.181
Aim for the sky, but move slowly, enjoying every step along the way. It is all those little steps that make the journey complete. Chanda Kochhar About Traceback In this post, I’m writing a...

Hack The Box Write-Up Book – 10.10.10.176
Notoriety wasn’t as good as fame, but was heaps better than obscurity. Neil Gaiman About Book In this post, I’m writing a write-up for the machine Book from Hack The Box. Hack The Box is a...

CVE-2020-0796: SMBv3 RCE vulnerability in SMBv3 (GhostSMB)
CVE-2020-0796 is a remote code execution vulnerability in SMBv3. An attacker could exploit this bug by sending a specially crafted package to the target SMBv3 server, which the victim needs to conn...

Domain Controller Password Quality Check
Overview In this article, we gonna talk about auditing the quality of the passwords from a Microsoft Windows Domain Controller. As we all know, we need to use strong passwords. SysAdmins do have c...

Cybersecurity podcasts
When I’m traveling to my work with the train, car or bike, I’ll like to listen to podcasts. I especially enjoy cybersecurity podcasts. There are several podcasts I’m currently following. And I’d lo...