SPF, DKIM, DMARC in a nutshell

I have just learnt something new about how SPF and DMARC interact with each other and the unexpected behaviour that might result from it. I find that most articles tend to cover SPF and DMARC separately and hence I will attempt to document the interaction in this article. Before we can proceed, ...

Infosec career progression

What are the technical requirements to progress in your career in cybersecurity? How do you move from an entry level analyst position into a senior analyst position? Starting from the defensive side of the house, an L1 SOC analyst usually starts with no experience in cybersecurity. The job role ...

Heroku build timeout 2021

If you have a Heroku app that has worked for many years and is suddenly experiencing a Duplicate build version error or if you are following an old tutorial from before 2021 and see the following cryptic error message in the build log. 1 2 3 ! ! Build timed out while waiting to start. ! Heroku ...

Windows Trust Boundaries

Understanding Windows trust boundaries is important as a penetration tester as security vulnerabilities are usually found at these boundaries. As an application developer, understanding these boundaries will help you develop more secure applications. I have never found this information ...

0 reportable cybersecurity incidents

At first glance, achieving 0 reportable cybersecurity incidents seem to be a commendable achievement. Other industries set similar KPIs, i.e. 0 workplace injuries. However, we must understand that this is extremely tough because we are facing an active adversary that is attacking constantly. ...

LOLBin: fhmanagew.exe

File history is a backup solution built into Windows from Windows 8 onwards. Once enabled, previous versions of files in Documents, Music, Pictures, Videos, Desktop and OneDrive folder will automatically be copied onto a backup drive. The File History Management Tool (fhmanagew.exe) is a Living ...

Fun with MD5 Collisions

We all know about MD5 hash collisions but I have never imagined that so much progress has been made. Meaningful hash collisions can now be computed on desktop grade hardware. The below collision was computed using unicoll on an i3 desktop in under 30 minutes. Position of byte differences have ...

GovTech CTF Writeup

Index Forensics - Walking down a colourful memory lane OSINT - Sounds of freedom! Cloud - Find the leaking bucket! Bonus - Bonus flag for submitting Awesome Write-up Walking down a colourful memory lane We are trying to find out how did our machine get infected. What did the user do? Please ...