Strategies are only as strong as their execution. To validate the security-first principles I advocate, I actively apply them in real-world scenarios through TryHackMe and HackTheBox.
In this section, I document my journey through specific rooms and challenges, translating academic concepts into tangible skills. Here, you’ll find:
- Live Walkthroughs: Step-by-step breakdowns of how I tackle specific vulnerabilities and secure complex environments.
- Strategy in Action: Analysis of how my IT Project Management background influences my approach to threat modeling and defense.
- Lessons Learned: Key takeaways from each lab, highlighting common pitfalls and effective mitigation techniques.
Join me as I turn theory into resilience, proving that true security is built not just in the classroom, but in the trenches of active defense. 馃殌馃捇
Web server to be exploited. The main objective is to guess the three ingredients to help Rick make his potion and transform himself back into a human from a pickle.
Web server to be exploited. The main objective is to discover two flags, one from the user and the other from the root user.
The main objective is to find how an attacker exploited the server and afterwards make a forensic examination of the host to identify the attacker鈥檚 footprints at the post-exploitation stage.
You are Bob, a security engineer working with the DevOps team on a tourism web application. After moving the site to production, the team noticed it was being hacked. The objective is to identify the exploited vulnerabilities, retrieve the flags, and restore the website.
Exploit a weak cryptographic implementation to gain unauthorized access and achieve remote code execution through a padding oracle attack.