<center id="svg-logo"><svg viewBox="0 0 2600 2326.9506" xmlns="http://www.w3.org/2000/svg" style="width: 512px; max-width: 33%; height: auto;"><path style="fill: var(--tx1);" d="M1300 2240l-950-522V638l950-528 950 528v1080l-950 522zm-617-502l-178-98v-43l178 98v43zm-126-152l-36-20v-126l36 19v127zm370 287l-178-99v-43l178 99v43zm-259-226l-36-20v-126l36 19v127zm-85-161l-87-48 44-38 43 86zm276 333l-36-23v-137l36 17v143zm-165-271l-87-49 44-38 43 87zm203 157q-62 0-104-56.5T751 1510l211 111q0 40-16.5 62t-48.5 22zm363 422v-937L430 730v940l830 457zm80 0l830-457V730l-257 143-36-72 250-139-827-461-827 461 827 458 240-133 39 71-239 132v937zm189-631v-472L655 509l78-45 876 514v329l47-65 90 27 77-115 46 15V843L977 321l79-46 893 522v480l-92-29-74 114-107-31-147 165z"/></svg><svg viewBox="0 0 2600 2326.9506" xmlns="http://www.w3.org/2000/svg" style="width: 512px; max-width: 33%;; height: auto;"><path style="fill: var(--tx1);" d="M1885 2240q-145 0-259.5-111.5T1457 1828q-24-84-59-145t-75-96q-61-54-117-80.5t-114-46.5q-53-19-106.5-44T876 1342q-64-58-103.5-140.5T706 995q-112-98-172.5-199.5T473 593q0-70 24-145.5t63.5-141q39.5-65.5 86-106T738 160q46 0 101.5 42.5T946 311q51 66 84 138.5t33 132.5q0 36-3 83t-3 66q0 19 4 34 6 7 32.5 22t89.5 42q130 56 225 112t161 125.5q66 69.5 110 163.5t72.5 224.5Q1780 1585 1801 1765q11 91 37.5 135t60.5 44q29 0 40-24.5t11-62.5q0-28-9-60.5t-26-61.5q19-5 30-7t23-2q63 0 114 32.5t81.5 86.5q30.5 54 30.5 121 0 79-40.5 141t-110 97.5Q1974 2240 1885 2240zm-901-390q-17 0-29.5-12.5T942 1809q0-17 12.5-29t29.5-12q18 0 30.5 12t12.5 29q0 16-12.5 28.5T984 1850zm85 75q-17 0-29.5-12.5T1027 1884q0-17 12.5-29t29.5-12q18 0 30.5 12t12.5 29q0 16-12.5 28.5T1069 1925zm-586-585q-16 0-28.5-12.5T442 1297q0-17 12.5-29.5T483 1255q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm-36-101q-16 0-28.5-12.5T406 1196q0-17 12.5-29.5T447 1154q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm727 708q-17 0-29.5-12.5T1132 1906q0-17 12.5-29t29.5-12q18 0 30.5 12t12.5 29q0 16-12.5 28.5T1174 1947zm-203-214q-17 0-29.5-12.5T929 1692q0-17 12.5-29t29.5-12q18 0 30.5 12t12.5 29q0 16-12.5 28.5T971 1733zm125 152l-36-18 69-121-124 79-24-28 104-81-96 7-12-54 231 3-17 210-30-3v-115l-65 121zm-595-732q-16 0-28.5-12.5T460 1110q0-17 12.5-29.5T501 1068q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm234 259q-61 0-100.5-33.5T573 1287l-79-3 2-23 52-17-77-35 5-22 75 15-48-64 32-14 46 56 5-83 26 5 30 149 70 45 92-146 101 116q-19 25-54.5 59.5T782 1386q-33 26-47 26zm-134-297q-16 0-28.5-12.5T560 1072q0-17 12.5-29.5T601 1030q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm568 676l-8-57-123-44q26 0 42.5-7.5t16.5-24.5q0-12-10.5-24t-23.5-23q-12-11-22-21.5t-10-20.5q0-14 22.5-36.5t53.5-47q31-24.5 57-41.5l222 127q-59 0-118 11.5t-94 24.5q119 62 119 110 0 22-23 38.5t-52 26q-29 9.5-49 9.5zm382 54q-22 0-38.5-16.5T1496 1790q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zm-420-459q-22 0-38.5-16.5T1076 1331q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zm-319-341q-22 0-38.5-16.5T757 990q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zm249 131q-22 0-38.5-16.5T1006 1121q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zM623 631q-31 0-53.5-22.5T547 555q0-32 22.5-54t53.5-22q32 0 54 22t22 54q0 31-22 53.5T623 631zm808 765q-22 0-38.5-16.5T1376 1341q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zm220 189q-22 0-38.5-16.5T1596 1530q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zm234 575q101 0 166-55.5t65-138.5q0-66-43.5-115t-104.5-61l31-6q14 31 19 57.5t5 53.5q0 43-34 86t-90 43q-71 0-117.5-70.5T1722 1774q-24-210-58.5-348.5T1569 1195q-60-92-160.5-159T1152 903q-65-28-98.5-50.5T1001 811q-12-13-17-31.5t-5-42.5q0-12 1-35.5t2-54.5q1-31 1-65 0-42-27-100t-67-113q-40-55-81-92t-70-37q-25 0-56.5 35t-61 89.5Q591 419 572 480t-19 113q0 169 223 357 32 135 64.5 209t89.5 124q47 42 91.5 63t97.5 39q59 19 123 50t134 92q51 45 92 117.5t66 161.5q47 166 141.5 260t209.5 94zm-554-964q-22 0-38.5-16.5T1276 1141q0-22 16.5-38t38.5-16q22 0 38 16t16 38q0 22-16 38.5t-38 16.5zM893 581q-31 0-53.5-22.5T817 505q0-32 22.5-54t53.5-22q32 0 54 22t22 54q0 31-22 53.5T893 581zm468 350l-157-72 32-150 75-31q29 69 37.5 130t12.5 123zm347 463l-98-219q0-38 28-50t69-12q35 0 76 4.5t75 13.5l95 5q8 13 8 26 0 19-16 40t-37 26l-191 40-9 126zm-545-733q-16 0-28.5-12.5T1122 618q0-17 12.5-29.5T1163 576q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm116 114l-131-141 32-26 54 37-15-105 39-5 21 75 29-69 36 14-21 80 49-37 10 28-103 149zm-44-204q-16 0-28.5-12.5T1194 528q0-17 12.5-29.5T1235 486q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm562 501q-17 0-29.5-12t-12.5-31q0-20 12.5-32t29.5-12q17 0 29.5 12t12.5 32q0 19-12.5 31t-29.5 12zm-392-431q-16 0-28.5-12.5T1364 598q0-17 12.5-29.5T1405 556q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm-70-80q-16 0-28.5-12.5T1294 518q0-17 12.5-29.5T1335 476q17 0 29 12.5t12 29.5q0 18-12 30.5t-29 12.5zm585 630l-125-132 24-30 64 67-6-125 29-7 16 84 37-71 24 8-33 102 63-50 16 32-109 122zm-38-199q-17 0-29.5-12t-12.5-31q0-20 12.5-32t29.5-12q17 0 29.5 12t12.5 32q0 19-12.5 31t-29.5 12zm163 90q-17 0-29.5-12t-12.5-31q0-20 12.5-32t29.5-12q17 0 29.5 12t12.5 32q0 19-12.5 31t-29.5 12zm-60-86q-17 0-29.5-12t-12.5-31q0-20 12.5-32t29.5-12q17 0 29.5 12t12.5 32q0 19-12.5 31t-29.5 12z"/></svg><svg viewBox="0 0 2600 2326.9506" xmlns="http://www.w3.org/2000/svg" style="width: 512px; max-width: 33%;; height: auto;"><path style="fill: var(--tx1);" d="M1300 2240q-203-69-363-222t-272-378q-112-225-171-511t-59-620v-70q305-21 528-94t337-185q114 112 337 185t528 94v70q0 334-59 620t-171 511q-112 225-272 378t-363 222zm0-84q183-69 328.5-216.5t247-360.5q101.5-213 155.5-482.5t54-583.5q-244-20-450-84t-335-163q-129 99-334.5 163T515 513q0 314 53.5 583.5T724 1579q102 213 247.5 360.5T1300 2156zm0-194q-147-61-261-186t-193-299.5Q767 1302 725.5 1093T682 655q204-22 355-69.5T1300 453q113 85 263.5 132.5T1918 655q-1 229-42.5 438T1755 1476.5q-79 174.5-193.5 299.5T1300 1962zm0-77V540q-104 69-237.5 111T754 717q8 282 77 519t189 405q120 168 280 244z"/></svg></center> <center><em>Attendere Ad Singula</em></center> ## Commentaries Occasionally I have thoughts to share about technology, security, hacking, or some combination thereof. `2022 Aug 15` | [[2022-08-15|Notes from HOPE and DEF CON]] `2022 Nov 27` | [[2022-11-27|Trying (and failing) to deploy a smart contract using an iPad Pro]] ## Tales Walk-throughs of some of the online CTFs I've done. These are all in narrative form so you can see my entire process - including some dead ends! `2020 Jul 27` | [[2020-07-27|Bandit]] `2021 Oct 10` | [[2021-10-10|Pickle Rick]] `2021 Nov 04` | [[2021-11-04|Basic pentesting]] `2021 Dec 07` | [[2021-12-07|Ice]] `2021 Dec 08` | [[2021-12-08|Blaster]] `2021 Dec 14` | [[2021-12-14|Overpass 2: Hacked]] `2021 Dec 30` | [[2021-12-30|Attacktive Directory]] `2022 Jan 02` | [[2022-01-02|Retro]] `2022 Jan 30` | [[2022-01-30|Tools'R'us]] `2022 Feb 01` | [[2022-02-01|Inclusion]] `2022 Feb 02` | [[2022-02-02|Jurassic Park]] `2022 Apr 03` | [[2022-04-03|Net sec challenge]] `2023 Apr 27` | [[2023-04-27|Union]] %% ### Unspoken tales `2022 Mar 19` | [[2022-03-19|LetSee Marketplace]] `2022 Aug 20` | [[2022-08-20|Security Innovation challenge coin]] `2023 Aug 11` | [[2023-08-11|Operation Cybershock]] %% ## Spells A variety of notes about hacking, written for my own reference. Some notes date to the beginning of my cybersecurity journey and are very basic, while others come from later in my career and are more advanced. May you find something useful here. Click on the tag for a list of notes related to that topic. ### Spells by attack cycle stage - #AttackCycle/Reconnaissance - #AttackCycle/Reconnaissance/BruteForcing - #AttackCycle/Reconnaissance/Fuzzing - #AttackCycle/Exploitation - #AttackCycle/Exploitation/AS-REPRoasting - #AttackCycle/Exploitation/BruteForcing - #AttackCycle/Exploitation/Kerberoasting - #AttackCycle/Exploitation/LocalFileInclusion - #AttackCycle/Exploitation/NullByteAttacks - #AttackCycle/Exploitation/SQLi - #AttackCycle/Exploitation/XSS - #AttackCycle/Exploitation/XXE - #AttackCycle/AntiForensics - #AttackCycle/PrivEsc - #AttackCycle/PrivEsc/GoldenTickets - #AttackCycle/PrivEsc/PassTheHash - #AttackCycle/LateralMovement - #AttackCycle/LateralMovement/PassTheHash - #AttackCycle/LateralMovement/SilverTickets - #AttackCycle/CommandAndControl - #AttackCycle/Exfiltration ### Spells for specific occassions - #HowTo - #LoLBins - #Scripts ### Spells dealing with specific protocols, operating systems, applications, etc. - #Application - #Application/ADB - #Application/Aircrack - #Application/arp - #Application/awk - #Application/base64 - #Application/basenc - #Application/BurpSuite - #Application/cat - #Application/Certify - #Application/CertUtil - #Application/cewl - #Application/cmd - #Application/cmdkey - #Application/crackmapexec - #Application/CUPP - #Application/curl - #Application/DayOne - #Application/dd - #Application/dig - #Application/dir - #Application/dpkg-query - #Application/driverquery - #Application/enum4linux - #Application/Evil-WinRM - #Application/Excel - #Application/ExifTool - #Application/ffmpeg - #Application/find - #Application/findstr - #Application/finger - #Application/Firefox - #Application/ftp - #Application/fuff - #Application/gdb - #Application/getcap - #Application/Git - #Application/gobuster - #Application/GoodLock - #Application/GPG - #Application/grep - #Application/Hashcat - #Application/hostname - #Application/Hydra - #Application/icacls - #Application/ifconfig - #Application/iftop - #Application/ike-scan - #Application/Impacket - #Application/ipconfig - #Application/JohnTheRipper - #Application/jq - #Application/JumpDesktop - #Application/KeePassXC - #Application/Kerbrute - #Application/LAME - #Application/ldd - #Application/less - #Application/libVirt - #Application/ls - #Application/lslpp - #Application/man - #Application/Metasploit - #Application/Metasploit/meterpreter - #Application/Metasploit/msfconsole - #Application/Metasploit/msfvenom - #Application/MicrosoftRemoteDesktop - #Application/Mimikatz - #Application/more - #Application/MSSQL - #Application/MySQL - #Application/nano - #Application/nbtscan - #Application/net - #Application/netcat - #Application/netsh - #Application/netstat - #Application/Nikto - #Application/Nmap - #Application/NodeJS - #Application/nslookup - #Application/Obsidian - #Application/OneDrive - #Application/OpenSSL - #Application/Oracle - #Application/oscanner - #Application/oslevel - #Application/OWASPZAP - #Application/ping - #Application/PostgreSQL - #Application/PowerShell - #Application/PowerShell/Invoke-Kerberoast - #Application/PowerShell/Invoke-Mimikatz - #Application/PowerShell/Powercat - #Application/PowerShell/PowerUp - #Application/PowerShell/PowerView - #Application/ProcMon - #Application/proxychains - #Application/ps - #Application/PsExec - #Application/psk-crack - #Application/query - #Application/readlink - #Application/reg - #Application/rlwrap - #Application/RogueWinRM - #Application/rpm - #Application/Rubeus - #Application/RunAs - #Application/SamsungDeX - #Application/SDelete - #Application/secedit - #Application/sed - #Application/select - #Application/Shortcuts - #Application/shutdown - #Application/sidguess - #Application/sleep - #Application/smbclient - #Application/smbget - #Application/smbmap - #Application/socat - #Application/SQLMap - #Application/ss - #Application/SSH - #Application/SSH/Dropbear - #Application/sudo - #Application/systemctl - #Application/systeminfo - #Application/takeown - #Application/tar - #Application/tcpdump - #Application/tee - #Application/telnet - #Application/TheHarvester - #Application/timeout - #Application/tmux - #Application/tnscmd10g - #Application/traceroute - #Application/tracert - #Application/type - #Application/unbuffer - #Application/ViM - #Application/VirtualBox - #Application/wfuzz - #Application/wget - #Application/whoami - #Application/WindowsExploitSuggester - #Application/windump - #Application/WinPEAS - #Application/winrs - #Application/Wireshark - #Application/wmic - #Application/Word - #Application/XFreeRDP - #Application/Xterm - #Application/xxd - #Application/youtube-dl - #Cloud - #Cloud/AWS - #Cryptography - #Cryptography/Cryptosystems - #Cryptography/Cryptosystems/RSA - #Cryptography/Hashes - #Cryptography/Hashes/AS-REP - #Cryptography/Hashes/bcrypt - #Cryptography/Hashes/LANMAN - #Cryptography/Hashes/MD4 - #Cryptography/Hashes/MD5 - #Cryptography/Hashes/NT - #Cryptography/Hashes/SHA1 - #Cryptography/Hashes/SHA256 - #Cryptography/Hashes/SHA512 - #Cryptography/Hashes/TGS-REP - #Cryptography/Signatures - #FileFormat - #FileFormat/Gemtext - #FileFormat/GIF - #FileFormat/HTA - #FileFormat/HTML - #FileFormat/JSON - #FileFormat/kirbi - #FileFormat/M4A - #FileFormat/Markdown - #FileFormat/MP3 - #FileFormat/MP4 - #FileFormat/VBS - #FileFormat/WebP - #FileFormat/XML - #FileFormat/XMP - #Hardware - #Hardware/iPadPro - #Hardware/Kobo - #Hardware/MACAddress - #Hardware/RaspberryPi - #Hardware/RaspberryPi/4B - #Language - #Language/Bash - #Language/Java - #Language/JavaScript - #Language/Perl - #Language/PHP - #Language/Python - #Language/Python/Scapy - #Language/Ruby - #Language/SQL - #Language/VisualBasic - #OS - #OS/AIX - #OS/Android - #OS/CiscoIOS - #OS/iOS - #OS/Linux - #OS/Linux/Distros - #OS/Linux/Distros/Debian - #OS/Linux/Distros/Kali - #OS/Linux/Distros/RedHat - #OS/Linux/Permissions - #OS/Linux/Polkit - #OS/macOS - #OS/Windows - #OS/Windows/ActiveDirectory - #OS/Windows/AMSI - #OS/Windows/Defender - #OS/Windows/Drivers - #OS/Windows/EventLog - #OS/Windows/Firewall - #OS/Windows/IIS - #OS/Windows/LSASS - #OS/Windows/Permissions - #OS/Windows/Permissions/SeAssignPrimaryToken - #OS/Windows/Permissions/SeBackup - #OS/Windows/Permissions/SeImpersonate - #OS/Windows/Permissions/SeRestore - #OS/Windows/Permissions/SeTakeOwnership - #OS/Windows/Registry - #OS/Windows/SAM - #OS/Windows/Server - #OS/Windows/Services - #OS/Windows/Tasks - #OS/Windows/UAC - #OS/Windows/UserInit - #OS/Windows/WinLogin - #OS/Windows/WMI - #OS/Windows/WSH - #Protocol - #Protocol/ARP - #Protocol/DCERPC - #Protocol/DNS - #Protocol/DRSUAPI - #Protocol/FTP - #Protocol/FTPS - #Protocol/Gemini - #Protocol/HTTP - #Protocol/ICMP - #Protocol/IMAP - #Protocol/IPSec - #Protocol/IPv4 - #Protocol/IPv6 - #Protocol/Kerberos - #Protocol/NetBIOS - #Protocol/NFS - #Protocol/POP3 - #Protocol/RCP - #Protocol/RDP - #Protocol/SIP - #Protocol/SMB - #Protocol/SMTP - #Protocol/SOCKS - #Protocol/TCP - #Protocol/Telnet - #Protocol/TLS - #Protocol/UDP - #Protocol/WiFi - #Protocol/WinRM - #Protocol/X11 - #Standard - #Standard/Base64 - #Standard/HD - #Standard/JWT - #Standard/MITRE - #Standard/MITRE/Emulation - #Standard/OSI - #Standard/POSIX - #Standard/RegEx - #Standard/URI - #WebApplication - #WebApplication/Gmail - #WebApplication/GooglePhotos - #WebApplication/IFTTT - #WebApplication/Netlify