-
Impersonating Slack Users - Red Team Tradecraft
Introduction So you want to impersonate someone on Slack? Maybe claim that you’ve hacked the next Uber? To do this some assumptions are made for those looking to follow suit. One major assumption is that you have a C2 agent on the intended victim(s) or were able to steal their...
-
Post-OSCP Certification Job Hunting
Introduction I acquired my OSCP Certification back on the 12th of May 2019. It took three attempts to acquire it but I prevailed. I should note this was for OSCP/PWK v2. The course was recently updated to v3 in early 2020. You can read my take-aways and experiences per attempt...
-
Creating Boxes for Vulnhub
Introduction If you’re viewing this you’re most likely interested in developing your first box for Vulnhub. For those that are unaware of what Vulnhub is: Basically a website for individuals to upload vulnerable virtual machines (VMs) for others to perform assessments against to hone their skills. You can find it...
-
InfoSec Prep: OSCP Vulnhub Walkthrough
Introduction The InfoSec Prep Discord server ( https://discord.gg/RRgKaep ) works closely with the Offensive Security staff. As such, OffSec gave our server an OSCP voucher code to give away. The voucher code will allow anyone to have 30 days in the labs, receive the course materials (videos + PDF), and...
-
HTB: Craft Experience
Introduction This is not a walkthrough guide or tutorial on how to go about obtaining user or root on this system. Simply put, this is a write up of my experience in owning the system Craft. This system definitely mimics a real world scenario that an individual in the penetration...
-
Get IP address for VPN automatically
Introduction I wanted to create something that would automatically grab my VPN adapter’s assigned IP address. I started looking into ways to do it and came up with a command that would give me the IP itself. However, it would not create an environment variable for me or do everything...
-
OSCP - Developing a Methodology
Image owned and created by Offensive Security I’ve been asked several times on Discord to create a post regarding my methodology and how to establish one. Mainly the individuals asking me this are new OSCP Students. As such this is primarily targeting the new OSCP students and for those genuinely...
-
Virtual Hacking Labs
Introduction I came across the Virtual Hacking Labs (VHL) during a break between failed Offensive Security Certified Professional (OSCP) Certification exams. It was shortly after my second failed attempt that another user on the same OSCP Discord server I was on had mentioned Virtual Hacking Labs. Determined to pass on...
-
Useful OSCP Notes & Commands
Offensive Security OSCP Logo After finally passing my OSCP Exam I figured I would create a post with my useful notes and commands. These notes / commands should be spoiler free of machines in both the lab and the exam and are not specific to any particular machine. I will...
-
OSCP Exam Attempt #3
Disclaimer I PASSED my third OSCP exam attempt. This is more just a post detailing my new experiences the third time around. For those of you first tuning in, should you wish to review my first failed attempt you can do so here: https://devzspy.github.io/oscp/2019/02/19/oscp-exam-attempt-1.html or review my second failed attempt...
-
OSCP Exam Attempt #2
Disclaimer I failed my second OSCP exam attempt. This is more just a post detailing my new experiences the second time around. Additionally, I’ll be adding to the take-aways from my first attempt. For those of you first tuning in, should you wish to review my first attempt you can...
-
OSCP Exam Attempt #1
Disclaimer: I failed my first OSCP exam attempt. This is more just a post detailing my experiences and take aways from this OSCP exam attempt. Introduction: I started my OSCP journey about 3 months ago back in November 2018. I had been volunteering for my companies Red Team without much...