Posts
-
Ordering matters - the case of the slow RDS snapshots
A story of trying to perform maintenance against a fleet of RDS instances, and meeting some unexpected friction due to doing things in the wrong order. -
CyberThreat18 CTF challenge write-up - "Binary A"
Write-up of one of the CTF challenges from CyberThreat18, specifically we will be pulling apart an Android application, patching out some of the code behind the app, and putting it back together so we can run the patched version. -
CyberThreat18 CTF challenge write-up - "Network A"
Write-up of one of the CTF challenges from CyberThreat18, specifically we will be doing some packet capture analysis, protocol reverse engineering, and abusing flaws in the protocol to get the flag. -
Solving the SANS Holiday Hack Challenge 2017
Every year, the folks at Counter Hack Challenges and SANS run a cyber security challenge for people to enjoy over the festive season, and once again it was as fun and educational as ever. In this post, you'll find my crudely written-up solution. -
OnePlus OxygenOS built-in analytics
We take a look at the analytics built into the OxygenOS, the flavour of Android built by phone manufacturer OnePlus. -
Information disclosure vulnerability in TP-Link Easy Smart switches
Broadcast management traffic, information disclosure and unauthenticated firmware updates among the most serious vulnerabilities in the TP-Link Easy Smart line of network switches. -
Solving the SANS Holiday Hack Challenge 2016
Every year, the folks at Counter Hack Challenges and SANS run a cyber security challenge for people to enjoy over the festive season, and this year it's a corker. In this post, you'll find my crudely written-up solution. -
EE Bright Box default WPA passphrases are not secure
In this post, we look at some default EE Bright Box passphrases that are in the wild, and speculate the out-of-the-box security offered by them.
subscribe via RSS