Why is it always the Russians?

date_range 09/14/2019

Russian hackers have become a household meme at this point. Hackers from Russia are so prominent, that former Washington Post cybersecurity journalist Brian Krebs learned Russian to read their forums and leaked documents. According to his book Spam Nation, at one point, when a Russian bulletproof ISP that doesn’t respond to complaints was taken down, the amount of spam in the world fell by nearly 70% for the month. The title of the book itself refers to Russia, because at least at the time of its writing, most spam and cybercrime were coming from it. But why is it always the Russians? Thankfully I’m here to answer that question for you by pitching in my anecdotal experiences of growing up in Russia.

Security+ Tips and Tricks

date_range 07/15/2019

Security+ is an industry standard certfication that is very popular and held in high regard. CompTIA recommends you to have an Network+ level of knowledge combined with two years of IT administration experience with a focus in Security before you go for this exam, but that is nothing more than a recommendation. You can easily pass this exam with no IT work experience and without a Network+ behind you. I did and so can you. I initially passed this exam in December of 2018, but over time i realized that my tips and tricks were too surface-level, so i rewrote my blogpost entirely with extra information for you. I hope you find it at least remotely useful.

OSINT Utility and Death Threats

date_range 04/04/2019

Many people are lead to believe that in order for Open Source Intelligence to have any utility, they have to be a private investigator, a law enforcement officer or be in the intelligence and that is far from the truth. Now of course you might not have a need for it daily, but every now and then you will and if you have these skills when time comes, you will get an upper hand. You will be invaluable to your family, friends, loved ones and self.

NeverLAN CTF 2019 - Web

date_range 02/03/2019

Today NeverLAN CTF concluded with my team being somewhere in the top 1/4 out of 1600+ teams. I have learned a bunch about SQL and JavaScript, so to me it was time well spent. I spent most of it on Web Application challenges, as those seem to be the thing that interests me most and i would like to explain how they are all solved. Since this CTF was aimed at middle schoolers, that will be the level that i will explain the solutions on. The writeups will go as a narrative, with me explaining concepts as the challenges go. One of the challenges requires that you use Kali Linux, as it is an operating system created for those who test and implement network and computer security and it is good if you learn it. These writeups assume a certain level of computer knowledge and as much as i would like to, i can’t explain everything, as this article would become endless. Some of the stuff is linked for you to read up on in different sources, some of it you can google. With that said, let’s begin.

FireShell CTF 2019 - Bad Injections

date_range 01/27/2019

Today FireShell CTF 2019 wrapped up and ended. I had fun and i learned a lot. Coming into the ctf, i was expecting something a little more complicated than trivial, however it proved to be quite a challenge for my first ever serious ctf attempt. I decided to take on the most solved Web Application challenge called “Bad Injections”. With the help of my amazing friends and fellow contenders i came close to solving it, but ran out of energy at 2AM, 2 hours away from the end of the ctf.