Pwnagotchi Set Up - 2020-01-13 23:30:00

Basic Setup first things first you will need the following items Raspbery pi (with wireless its better to use the pi0W but you can use a pi3) MicroSD card (at least 8 Gb) SD card reader(Duh!) and a little patience (some times things wont got to plan accept this and take a breath ;) ) Step 1 - Installation of the Pwnagotchi .img head over to and grab a copy of the the .

Cyber Strike vs Air Strike - 2020-01-10 14:35:14

Cyber Strike vs Air Strike Iran has vowed revenge after the killing early Friday of the Iraq Revolutionary Guard General Qasem Soleimani. One likely way Iran could retaliate is through cyber-attacks, experts say. According to CNN, a website operated by the little-known Federal Depository Library Program,, was hacked and defaced on Saturday 4th of January and has been taken offline. This attack, which is claimed is done by Iranian hackers, didn’t take the server down, instead they changed the DNS info for the domain which redirected traffic to their site.

PHP Malware Examination Part 2 - 2018-11-27 21:56:04

Presented by Tim Follow me on Twitter Following on from the malware, I investigated earlier in the month, my friend gave me further files to continue working out what was the function of the malware. See part 1 here.. All analysis was performed on a virtual machine and only details which could have identified the victim have been removed. What I was given The first think he pointed out was that there was over 50MB of the infection.

PHP Malware Examination - 2018-11-07 21:56:04

Presented by Tim Follow me on Twitter Update - Part 2 I was asked earlier this week by a friend to have a look at some malware, which had been uncovered on a compromised computer. I didn’t ask where it had came from, or indeed the host environmnet. Having programmed in PHP since university and malware analysis is kind of a hobby, I thought I would give it a go.

OWASP CTF Prep - Crypto Challenge - 2018-10-20 00:00:00

Presented by Paul Follow me on Twitter Useful Pages for the crypto challenges Dcode is a really cool website with lots of different tools to help with decoding of various cryptography CyberChef Cyberchef is a tool that you can use to encode and decode things into all sorts of different formats, it’s a really great tool you should check it out! There also seems to be a Twitter account that will post more clues

OWASP CTF Prep - 2018-10-18 13:07:40

Presented by Tim Follow me on Twitter Soon …

Bob Vulnhub Vm Writeup - 2018-05-30 22:50:00

Presented by Paul w Follow me on Twitter Introduction Tonight I thought I’d have a go at a box on VulnHub the box I picked was a fairly recent one as I wanted to ease myself back into doing some CTFs - I’ve been a bit busy doing other things recently - anyway I chose the box Bob:1.0.1 it sounded fairly simple: “Your Goal is to get the flag in / Hints: Remember to look for hidden info/files”

STEM CTF Cyber Challenge 2018 Write Up - 2018-04-21 00:00:00

Written by Rob (@iamrastating) Challenge: “Express” Checkout Description It took a lot of courage but our great team accomplished the unthinkable. We are happy to announce a fantastic new express checkout experience. Our customers are going to love it! This new workflow has your items delivered to someone else in no time flat! Categories Web Points 50 Solution Viewing the customer listing revealed e-mail addresses of all customers. The challenge was solved by enumerating all e-mail addresses to find one which could be used on the checkout page for dandelions.

AES decode with Cyberchef - 2018-03-20 23:50:00

Presented by Tim Follow me on Twitter Introduction This is a follow up article to Paul W’s write-up about m1con’s mobile ctf. In the article, Paul mentioned Cyberchef, and it was a quick way of solving the challenge. Since Cyberchef wasn’t covered, and may provide a quicker solution for future ctf challenges, I decided to describe it here. What is CyberChef? CyberChef was developed by GCHQ to quickly perform certain operations on inputs.

M1Con CTF Write up - 2018-03-20 23:50:00

Presented by Paul w Follow me on Twitter Introduction Last night I went to the meetup group “M1 Con” hosted by Digital Interruption and Outsource UK Ltd. Jay Harris gave a talk about mobile security - it wasn’t super technical, but it highlighted the fact that clearly security is still a bit of an after thought especially when it comes to mobile development - he cited examples of issues that crop up in mobile devices that were fixed in web apps (XSS vulnerabilities for example) long ago.