#hack100days Day65: Looked at the CTF again. No new challenges. Did more enum on one of the remaining, but didn't make progress. Hit Offsec Proving Grounds Play and pwned "Dawn", so that helped recover some ego. #infosec #cososec
#hack100days Day64: Started a multiday CTF. Got three of the first five challenges presented and am sitting on 800/1000 points. Going to sit in on Alh4zr3d stream before making dinner and watching the Jan6 shennanigans. #infosec #cososec
#hack100days Day63: Hack the Box Academy today. Worked on LFI module. #infosec #cososec
#hack100days Day62: Okay, I lied. Not HtB. Looked at an Offensive Security Proving Grounds-Playground box. Watched a live walk-through on the box. Also watched an Ippsec video re: LFI. #infosec #cososec
#hack100days Day61: Finished _Bug Bounty Bootcamp_, skipped chapter 23 and read chapters 24 & 25. Tomorrow, back to #htb. #infosec #cososec
#hack100days Day 60: Read chapter 22 of _Bug Bounty Bootcamp_. #infosec #cososec
I really wish that large leftist accounts would focus more on productive countermeasures and less on mouth-foaming outrage.
Vilifying Mitch McConnell is wasted effort that plays into GOP mechanations, and using that platform to drive turnout and support for Democrat Senate candidates would go a lot further towards making the evil turtleman irrelevant. #politics
#hack100days Day59: Turns out I read chapter 20 yesterday and chapter 21 tonight. Duh. Saw a walk through yesterday that leveraged looking for .git on a web page. I haven’t done an analysis on that kind of information disclosure vuln, but I reckon it’s rare but damaging. Tomorrow, we read code. #infosec #cososec
#hack100days Day58: Read chapter 21 in _Bug Bounty Bootcamp_. Dangling CNAME is bad, m'kay? A deeper dive on sign-sign-on exploits is really going to be needed for effectiveness. #infosec #cososec
#hack100days Day57: watched a live stream, Alh4zr3d breaks two k8s challenges on try hack me #infosec #cososec
#hack100days Day56: More cracking at trick.htb. Found a thing on an entry point, but I'm stuck turning it into something more useful. Tantalizing config on entry point two, but it isn't giving me any goods. #infosec #cososec #hackthebox #tryharder
#hack100days Day55: More banging on trick.htb. Found a new potential entry point. Took a while to figure out how to find it, but didn't get terribly far on it before I had to pack it in. #infosec #cososec #hackthebox
Muddling through.