  • Living Off The Land: Sliver C2-sharpsh edition

    After just wrapping up on recent adventures of PEN-300, one thing is clear: most lab environments waste no time spilling their secrets once you use tools like SharpHound, PowerView and maybe even ADPeas! But what about those situations where such tools get caught? Or you are sitting in an air-gapped environment with zero internet access…

  • Wake Up, Arty: The PHY is Calling

    Previously on “Challenge Accepted: FPGA Ethernet Filters” I started this ambitious (to say the least 😆) journey of building an FPGA-based network filter. I spent time understanding, debugging and wrapping my head around the whole setup and implementation, without realizing one simple and painful fact: the Ethernet physical connection was not working. My goal was…

  • Re-Vita-Lized

    I don’t know who the hell started this “themed GIFs” thing in our blogs, but I’m pretty sure it was Izzny. If it was indeed me, I’m still pointing at Izzny. I didn’t have a great GIF theme idea for this one right away, but I also didn’t want to be the one to ruin…

  • Challenge Accepted: FPGA Ethernet Filters

    You see, kids, building an FPGA-based network filter isn’t just about blocking packets; it’s all about the design. In this blog, I’ll take you through how I created, tested, and re-tested the implementation of an Ethernet filtering system—laying the first stone of something LEGENDARY. Never seen How I Met Your Mother? Doesn’t matter. If you…

  • Notepad(p)esky(p)lugins

    It was only months ago that we got to do our very first cyber-related talk at BSides Las Vegas, which involved demoing what a malicious DLL mod for Skyrim could look like. At the end, during Q&A, someone asked a question along the lines of “How many corporate computers do you think have Skyrim installed?”…

  • The One Where FPGA Says Hello and Lights Up

    Have you ever had that feeling when someone mentions anything at work or in a social setting, and you’re like, “Hm, sounds interesting!” You know that moment when you know you’ve heard the term before, but you don’t have a good understanding of what it actually is. Yeah… That’s FPGA for me (or at least, it…

  • V.I.T.A. (Variations In The Acronym!)

    Introducing VITA! – “Vulnerability and Intrusion Threat Analyzer”! … or maybe…. “Virus Identification and Threat Assessment”….. “Verification of Intrusions, Threats, and Anomalies”? Since I cannot seem to settle on one, it’s probably best for you to just pick the one you like best. Throughout one’s pentesting / malware development or analysis journey, one will typically…

  • Conjuring Reverse Tunnels with Ligolo

    During this OSCP journey I’ve embarked on in the past few months, the topic of tunneling and pivoting was covered. One night I got frustrated using SOCKS and all of those things, so I went to the OSCP Discord channel, where Ligolo came up as a recommended tool for tunneling. I asked Aromak if he…

  • A walk on the blue side: Part 3

    In my previous blog, I showed off how I was able to get Wazuh up and running on an Ubuntu VM, with 4 agents installed on 4 separate Raspberry Pis and 1 agent on a Windows 10 VM. I dove into configurations and testing to understand the beginning fundamentals of Wazuh SIEM. The goal of this…

  • OOO – BSides / DefCon

    Here we are, August 2024. Exactly 1 year past the creation of Hexxed BitHeadz. Back on our way to BSides and DefCon Las Vegas, same as we’ve done every year for several years now. Well… Not quite the same… Assembling these articles every month has proven to keep us open minded and deeply involved in…

  • A walk on the blue side: Part 2

    Welcome BACK to my Blue Side adventures. For several years now, I have practiced setting up home lab environments for the sake of practicing penetration testing and red team methodologies. I bet I still have quite a collection of VulnHubs on a drive somewhere around here. But something that has been missing is getting a…
