A blog about pentesting and security

hackfest2016: Quaoar

[VM Completed on May 18th, 2017]

This machine was created for the Hackfest 2016 conference that happens in Quebec City, Quebec, Canada. This is a conference I am hoping to attend one year. Looks like a great time. There are three flags on this box according to the information on the VM. But I could only find 2, the shell and root flag. Not sure what the post-exploitation flag is. Anyways, let's jump into it.

nmap time:

AtlSecCon 2017

I had the wonderful opportunity to present at AtlSecCon 2017! Was really nervous but the good people at AtlSecCon treated me awesome. I was in the first line of presenters on day 1. So it was over quick and I got to enjoy the rest of the conference.

My presentation on phishing can be found at Speakers Deck.

Hackday Albania 2016

[VM Completed on Nov 11, 2016]

First thing I'm going to point out is that this was the first machine I rooted in awhile. My wife gave birth to our first child in March and I stepped away from all this. So I was a little rusty, but things started to work once I sat and thought about it. Here we go!

So the VM is set to DHCP and after a quick scavenger hunt, I found it. So naturally nmap is the next step. Since these aren't production systems, I just do a generic, lazy, full blown nmap scan to make sure I don't miss anything.


I had the wonderful opportunity to present at The HASK last night, May 25th, in Downtown Halifax. I had a great time and I can't thank the organizers enough. I wish there was something like this when I was going to university. To see the amount of IT students and IT professionals at the event was amazing.

I was asked to post the slideshow from my presentation. So you'll find it here at Speaker Deck's website.

My Recommendations for OSCP

I've been asked a couple of times now, "What do I need to know to become OSCP certified?". It's a hard question to answer. For people who don't know, OSCP stands for Offensive Security Certified Professional. It's a grueling course by the folks over at Offensive Security, but the payout is extraordinary!

OSCP Tips and Tricks

Here is a grouped list of things that helped me during my OSCP course. This is just the tip of the iceberg of what commands you'll need to know. However, I used these commands a lot. I'm not going to go into details on what command does what. You should be able to figure it out or already know it.

Subscribe to