Getting Started Guide for VetSec Wargame Exploit Development Tutorials

Hey everyone! This post will serve as a supplement to my first of many tutorials on Buffer Overflows for Linux which will tie into my Exploit Development tutorials. I will try to keep this post focused on the minimum amount of knowledge needed to understand what a buffer overflow is, how it works, and how to…

Review: SANS VetSuccess Academy

Introduction Cybersecurity is a growing field in high demand; however, many estimates predict a shortage of approximately 3.5 million qualified cybersecurity candidates by 2021. This shortage is leaving many companies vulnerable to data breaches, ransomware, and other cyber-attacks.  To address this shortage, the SANS Institute offers a program to help fill the impending cybersecurity skills…

x86 Exploit Development Pt 1 – Intro to Computer Organization and x86 Instruction Set Architecture Fundamentals

Hey guys! I figured that it would be beneficial to have an entire post dedicated to teaching some fundamentals about Computer Organization and the x86 Instruction Set Architecture, since I will be referencing this particular ISA (instruction set architecture) throughout most of my tutorials on Exploit Development and Reverse Engineering. This will be updated over…

Hack The Box – Bounty Walkthrough

Introduction: This week's retiring machine is Bounty, which is a beginner-friendly box that can still teach a few new tricks.  Bounty is rated 4.8/10, which I feel is pretty appropriate given the overall ease of the machine.  In this walkthrough, we'll do a little bit of dirbusting, learn a nifty trick to gain remote code…

“…because I stood on the shoulders of giants”

Since making the switch from an Army Transportation Officer to a Supply Chain Management in the private sector and now working in Information/Cyber Security, I've done a lot of learning. Often, I am asked how I did it. Typically, I respond with the most hated two words in any language on the planet earth: hard…

Hack The Box – TartarSauce Walkthrough

Introduction: This week's retiring machine is TartarSauce, which is full of rabbit holes deep enough to get stuck in.  With a rating of 6.2/10, it's not the most difficult of machines out there, but it definitely felt a little more complex to me than a 30 point box.  Either way, we get to experience another…

VetSec Takes First in the Hacktober CTF: Summary & Steganography Write-up!

For the last week, VetSec competed in the Hacktober.org CTF event, which consisted of challenges in forensics, steganography, programming, offensive tactics, web application, reverse engineering, cryptography, and more.  I am happy to announce that WE WON! Our team consisted of the following members: Elliot Chernofsky (@emtuls) Reuben Booker (@reubadoob) Rob Fuller (@mubix) Myself (@hmaverickadams) The…

Hack The Box – DevOops Walkthrough

Introduction: This week's retiring box is DevOops.  Coming in at a difficulty rating of 4.3/10, it's not an incredibly hard machine to root, but it does teach some valuable lessons in web application penetration testing and basic Linux privesc enumeration.  Let's take a look at what a simple "oops" can mean for the bad guy.…