OSCE review

I have written an OSCP review and a SANS SEC660 review a few years ago. As time passes, I find these reviews harder and harder to write. Over the years, I have learnt on the job, through my own research and through such courses and CTFs. All this prior knowledge has made it very difficult for ...

Vulnserver - Order of difficulty

Most guides out there give a walkthrough on solving individual functions within vulnserver. However, when practising for OSCE, I do not want the solutions. Instead, I want to know the order of difficulty of the various functions so I can start from the easiest function and work my way towards ...

Free fresh notes for ang bao

I came up with this technique a few years ago and never had to queue for fresh notes for ang bao since. Hence, I believe it is worth sharing. When you receive your ang bao this year, do not spend or deposit the fresh notes. Keep it and pass it to your parents to fill their ang bao for Chinese ...

Phishing with actual bait

If you received an email like the one below, would you try out the voucher code and see if it works? I sure as heck would, there is literally zero risk from doing so. Assuming the voucher code works and your account is credited with $5 immediately, how far would you be willing to go to get an ...

Overwriting MBR

We have all come across malware which overwrites the Master Boot Record (MBR) of a machine, leaving it unbootable. The code required to overwrite the MBR is surprisingly simple. We will first need to open a write handle to the physical device using the CreateFile API. The MBR is stored in the ...

FLARE-On 6 - Solve vv_max by hand

After looking at the published solutions for FLARE-On 6, I realised that for challenge 11, vv_max, most people used a script to either reverse the AVX functions or to brute force it. My approach was different, I made use of memory breakpoints strategically placed at the address of the arrays to ...