  • Proving Grounds Practice: Synapse Walkthrough

    Today, we will explore Synapse, a Try Harder-level Linux machine on OffSec’s Proving Grounds Practice. We’ll delve into exploiting a Server Side Includes (SSI) injection vulnerability to gain initial access, and then crack a GPG-encrypted file to move laterally into a user account. Finally, we’ll escalate our privileges to root… Continue ⇢

  • BREAKING: T-Mobile Breached in Massive Chinese Cyberespionage Campaign

    Key Takeaways: In what cybersecurity experts are calling one of the most significant telecommunications security incidents of 2024, T-Mobile has fallen victim to a sophisticated cyber-espionage campaign. Early investigations point to Chinese state-sponsored hackers as the perpetrators, raising serious concerns about national security and customer privacy. The Breach: What We… Continue ⇢

  • Introduction to Wi-Fi Pineapple: Tools, Techniques, and Defense

    Wi-Fi Pineapple is one of the most powerful tools in the arsenal of ethical hackers and penetration testers. Developed by Hak5, it’s a specialized device designed to conduct advanced wireless penetration testing, network auditing, and even social engineering attacks. Its ease of use and feature-rich platform make it both a… Continue ⇢

  • The Best Antennas for Wireless Pentesting

    Wireless pentesting is a specialized field that demands both technical expertise and the right equipment. A high-quality antenna can make a significant difference in successfully auditing networks, improving the ability to capture weak signals, inject packets effectively, and conduct thorough analyses. In this article, we’ll explore five of the best… Continue ⇢

  • Proving Grounds Practice: Nukem Walkthrough

    Today, I’ll guide you through Nukem, an intermediate-level machine on OffSec’s Proving Grounds Practice. In this walkthrough, we’ll gain remote code execution (RCE) via a vulnerable WordPress plugin, discover a SUID binary that requires GUI access, and leverage a VNC service to exploit this binary for root access. Join me… Continue ⇢

  • Proving Grounds Practice: Butch Walkthrough

    Today, I’ll guide you through Butch, an intermediate-level Windows machine on OffSec’s Proving Grounds Practice. In this walkthrough, we’ll uncover vulnerabilities through SQL injections, gaining unauthorized access to a web application. We’ll leverage this access to overwrite a file and execute code to gain a reverse shell. This guide will… Continue ⇢

  • Book Review: Jon Erickson’s Hacking: The Art of Exploitation (2nd Edition)

    TLDR: Overall Grade: A minus. Pros: Deep technical insights; Timeless fundamentals; Hands-on examples; Excellent C programming coverage; Strong focus on creative thinking; Includes LiveCD environment. Cons: Steep learning curve; Dated specific examples; Dense reading material; Not for security beginners; Some tools now obsolete; x86 assembly focus only. Full Review: Finding… Continue ⇢