07/12/2022 Update

Hello all! I hope that you have been well, enjoying the content that I have put out on the website, and are making strong progress on your cybersecurity eductions as well! I apologize for not having more CTF writeups readily coming out as well. I decided to set out a goal plan for myself of where I would like to be in the next year or two, let me explain. My journey into cyber security has been both like drinking from a firehose and reaching out into the void, where on one hand there is so much information to take in, while on the other I have found that it has been really difficult to find any sort of heading of where I should set my sights on. For some time now I have been working through pwn.college to solidify my base in my security knowledge so that I can not only get better at approaching CTF challenges but also eventually graduate to bigger fish like HackTheBox. I decided to set my sights on getting my OSCP certificate within the next year or so, but first I need to ramp up on the skills that are required to tackle that. I figure that if I can get through all the challenges on pwn.college, get a couple HTB boxes under my belt, I can dive into the OSCP cert course with a chance of making it out with a passing grade, my lack of write-ups is due to this endeavor. Pwn.college is a great resource, however, the creator requested that participants refrain from posting write-ups since it is also used as course materials for the college classes that they teach, so while I have been making strong progress on these challenges I have kept my learnings to myself. I can talk about my experience working through the challenges though! Currently, I am working through the assembly refresher course where you have to send shellcode to challenges in a remote machine in order to get the flag. The challenges aren’t like pico where you are exploiting vulnerabilities like pico (yet) but rather practice skills that are important to know when exploiting different machines. Some of the challenges in the “program misuse” category teach you to use different programs to read flag files that don’t typically do so, like gcc, or cp, really fun stuff, and I highly recommend giving them a try! I hope that after some time working through some more of the challenges on pwn.college I can deliver some more write-ups soon, so check back soon! Until then, best of luck and happy hacking!

Leave a Reply

Your email address will not be published. Required fields are marked *