Posts

  • A Glossary of Terms : Attacks

    A Quick Glossary of Attack Types

  • A Glossary of Terms : DFIR

    This table holds a glossary of terminology linked to DF, IR and DFIR activities.

  • CMD to PowerShell Quick Ref

    Hey! Hey, do you want a quick ref that transfers your CMD line knowledge to PowerShell? Well, here it is!

    CMD            PowerShell             What is it?
    wevtutil       get-winevent           Events !! Filter this though
    netstat -nao   Get-NetTCPConnection   It’s netStat yo!
    sc query       get-service            List of Services
    wmic process   get-process            list of processes 🙂
    net user       get-LocalUser          Local […]

  • What I Learned From Hack The Box: DNS Digging, Eyewitness & Exploiting File Uploads

    While exploring a recent intermediate Hack The Box (HTB) lab, I spent some time sharpening my approach to web-focused enumeration and testing. I didn’t complete the lab due to time constraints, but it offered a good opportunity to revisit core techniques and tools, particularly around DNS discovery, web recon, and handling file upload functionality. This […]

  • THM Write-Up : Summit

    Back to it! Ok, so in Summit you are playing the role of an analyst; you need to investigate a variety of system information to identify the threats presented during a Purple team exercise. Link for those who want to give it a shot: https://tryhackme.com/r/room/summit As this task is relatively straightforward, I am […]

  • THM Wreath : Write-up [Part 2 ; Pivoting]

    Welcome back! In Part 1 we were able to gain a foothold on a system, primarily the front-end webserver within Thomas Wreath's network. What did we collect along the way? L00T The start of this task introduces us to Pivoting, or as the task says “Pivoting is the art of using access obtained over […]

  • Learning about Cyber First Responders

    This post is more like a collection of notes that I have found useful; this page will have a focus on incident response. Order of Volatility: This identifies the order in which data should be preserved when first accessing a system. As a rule of thumb, unless there is absolutely a good reason to, don’t […]

  • Metasploit Usage

    Metasploit is a pen testing framework maintained by Rapid7. This page is inspired by the RP Metasploit room on TryHackMe. The Metasploit Framework is built on many tools and modules allowing for quick and easy exploitation of target systems. These modules are Setup If this is the first time you are configuring Metasploit, you may […]

  • THM Writeup: Insekube

    Quick article on the THM room “Insekube”…. This was not quick and there is a bug in this room FYI. Task 1 Scan the system. A quick scan of the system is all that is needed to answer Q1. Spin up the machine, and get the flag. I am told they are in the env […]

  • THM Wreath : Write-up [Part 1 ; Intro and Webserver]

    Another day, more lessons to be learned! I am running through the TryHackMe room “Wreath”. Copied straight from the THM room, here are the learning objectives. Wreath is designed as a learning resource for beginners with a primary focus on: The following topics will also be covered, albeit more briefly: As I progress through the […]