The days in Wareville flew by, and Software’s projects were nearly complete, just in time for Christmas. One evening, after wrapping up work, Software was strolling through the town when he came ac...

SOC-mas is approaching! And the town of Warewille started preparations for the grand event. Glitch, a quiet, talented security SOC-mas engineer, had a hunch that these year’s celebrations would be...

Today’s AoC challenge follows a rather unfortunate series of events for the Glitch. Here is a little passage which sets the scene for today’s task: https://tryhackme.com/r/room/adventofcyber2024 ...

It’s the most wonderful time of the year again, and it’s also the most stressful day for Wareville’s Security Operations Center (SOC) team. Despite the overwhelming alerts generated by the new and ...

McSkidy’s fingers flew across the keyboard, her eyes narrowing at the suspicious website on her screen. She had seen dozens of malware campaigns like this. This time, the trail led straight to some...

The Sticker Shop was a very simple room about exploiting a Cross-Site Scripting (XSS) vulnerability to steal the contents of a page and retrieve the flag. Initial Enumeration Nmap Scan We star...

Lookup started with brute-forcing a login form to discover a set of credentials. Using these credentials to log in, we found a virtual host (vhost) with an elFinder installation. By exploiting a co...

Mouse Trap was another purple team room where we started on the attacker side and exploited a remote code execution (RCE) vulnerability to gain a foothold. After that, we exploited an unquoted serv...

Hack Back started with reverse-engineering an executable file to discover an email address and a password. After that, we used these credentials to send a phishing email and obtain a shell. Lastly,...

SeeTwo was a room about extracting a basic C2 client from a packet capture file and reverse engineering it to understand its functionality. Using the same packet capture file, we then extracted the...