Kevin.net.nz

Metasploit 101

Metasploit 101 This post is a quick run down of a talk that I gave at my local information security meetup to introduce the Metasploit Framework to those that have not used it before. Introduction So what is Metasploit? Metasploit is an exploitation framework with a collection of tools to help develop exploits and use them. It was created in 2003 by H D More. The Metasploit project was purchased by Rapid7 in 2009.

Using OWASP ZAP with iOS

Using OWASP ZAP with iOS Introduction In this post I’m going to go through how to intercept http and https traffic from an iOS device using OWASP ZAP. I have found this to be very handy when debugging web and iOS applications from the device. The version of ZAP that I am using is 2.4.3 and iOS is 9.3. Set up HTTP Proxy First lets open the local proxy settings in zap.

Hacking the Gibson 0.2 from vulnhub.com

Hacking the Gibson 0.2 from vulnhub.com Introduction In this post I’m doing a walk though of capturing the flag of a machine from Vulnhub. The target machine is Gibson which is a fun boot2root/CTF. Initial Recon nmap I always like to start my recon with the following nmap command. nmap -sS -sU -T4 -A -v 172.16.1.134 this netted the result of: Website Seeing that port 80 is open I point my web browser at http://172.16.1.134 to have a peek at the initial page.

Recovering Data

Recovering Data This post is a quick run down of a lightning talk that I gave at my local information security meetup. Introduction Tonight we are going recovering deleted files from a USB thumb drive. Since I’m a fan of Kali linux, all the tools demonstrated come pre-installed and can be used from a booting off a live CD or USB Thumb drive. Image the drive First of all I like to image the drive so that I’m not working on the original source.

First post

This is the obligatory first post. I’m building this site with Hogo For now here are some interesting links: https://www.kernel-exploits.com/ https://github.com/bidord/pykek http://www.portknocking.org/