Recon ┌──(root㉿kali)-[~/HTB/Legacy-10.10.10.4/nmap] └─# nmap --script smb-vuln* -p 445 -oA smb_vulns 10.10.10.4 Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-21 23:04 EDT Nmap scan report for 10.10.10.4 Host is up (0.18s latency). PORT STATE SERVICE 445/tcp open microsoft-ds Host script results: | smb-vuln-ms08-067: | VULNERABLE: | Microsoft Windows system vulnerable to remote code…

In this walkthrough, we will be exploring the "Nibbles" machine from Hack the Box, without using Metasploit. Reconnaissance We begin with our reconnaissance phase, where we gather as much information as possible about the target. Nmap Scan We start with an Nmap scan to identify the open ports and running services on the…

For the last 3 years, I’ve been working in the realm of FISMA and FedRAMP compliance for an industry-leading 3PAO (third-party assessment organization). This is a part of cybersecurity that falls under the Governance, Risk, and Compliance areas also known as GRC. From my experience, these areas of cybersecurity get…

Understanding FISMA compliance and risk management frameworks can be daunting, particularly when it comes to navigating the complex documentation and guidance provided by the federal government. In this blog post, I will simplify the process of achieving FISMA compliance and implementing a risk management framework to secure your systems. Understanding FISMA and Risk Management Frameworks: FISMA…

The “lazy” in me tried to make this vulnerability analysis the other day easier on my poor spreadsheet-weary eyes. Objective: Compare 2 Lists of IP addresses using Python Here’s a simple way to compare lists of IP addresses in python You might for example want to compare a baseline inventory list to a routine Nessus scan to ensure all machines are logged in the inventory Github: https://github.com/ethanolivertroy/compare-lists

Just another TJ Null box preparing for the OSCP on a Sunday. Recon nmap -sC -sV -O -oA nmap/initial 10.10.10.3

With and Without Metasploit Originally, I solved this box as part of the TCM Security Practical Ethical Hacking course with Metasploit but Heath, the instructor, did mention going back to solve it manually would be good practice. Whelp since the OSCP only lets one Metasploit use, I figure let me…

One of the first HTB boxes I solved a few months ago from the TJ Null List in preparation for the PNPT and OSCP. Solving the “Devel” box can be divided into 3 main steps: Recon We conduct some recon using nmap or rustscan look into MS-IIS/7.5, google a bit…