Posts

Showing posts from April, 2024

ISC2 SSCP Certification Guide

BACKGROUND: I took this certification exam with around 4 months of experience in Information Security and over 2 years of general IT experience. With that said, no experience is required in order to take the exam; however, 1 year of "relevant" experience is required to obtain the full certification, otherwise you will only receive the "Associate of (ISC)2" title, which can be upgraded to the full certification when the experience requirements are met. The reason I took this exam was because my current employer offers a fully free discount on (ISC)2 exams specifically. I initially planned on studying for and attempting CISSP; however, I decided to take SSCP first in order to get a feel for how (ISC)2 specifically likes to word their exam questions, as all of my previous IT certifications have been through CompTIA. EXPERIENCE: My mindset for this exam was similar to the mindset I had when studying for the CompTIA Security+ exam. I did not buy a book however....

TryHackMe CTF Walkthrough - "Simple CTF"

Note: This is a reupload of a CTF walkthrough from my original website, which no longer exists. Tonight I'll be providing a writeup on the TryHackMe box "Simple CTF", similar to my writeup on Blue. TryHackMe is another great and incredibly educational site dedicated to teaching learners about offensive and defensive cybersecurity. As always, it's typical to start with a basic Nmap scan. This is one of the typical Nmap scans that I like to run on TryHackMe and HackTheBox machines. It will take longer than most scans due to the enumeration being performed by the vulnerability script. Another I will typically run is: nmap -sC -sV -A x.x.x.x. This is an aggressive service scan with default scripts enabled. Here we have quite a bit of output, the bulk of it being a list of CVEs for the specific version of the Apache web server running on the target machine. As we can see, port 21 (FTP), port 80 (HTTP), and port 2222 (SSH) are currently open on the target machine. We can al...

TryHackMe CTF Walkthrough - "Bounty Hacker"

Note: This is a reupload of a CTF walkthrough from my original website, which no longer exists. Today I'll be doing a writeup on the easy-difficulty CTF machine "Bounty Hacker" from the cybersecurity training website TryHackMe. As always, we will start with an Nmap scan of the machine. Here we will be running an aggressive service scan with default scripts enabled. I will also sometimes run the above scan alongside another Nmap scan that uses the vulnerability script for additional enumeration. However, in this case I decided to simply go ahead with the above command. As we can see, we have a little bit of information to go off of. We can see that FTP and SSH are both open, with FTP allowing anonymous logon. Just from personal experience I am already familiar with the versions of vsftpd and OpenSSH that are currently running, and I also know that there aren't any publicly available exploits to leverage against them. Considering that this is consid...

HackTheBox CTF Walkthrough - "Blue"

Note: This is a reupload of a CTF walkthrough from my original website, which no longer exists. Hello all. We will be looking at the now-retired HackTheBox machine "Blue", which is regarded as one of the simplest HackTheBox machines available. ENUMERATION: Machine IP: 10.10.10.40. OS: Windows. First we start off with an Nmap scan. This is my preferred Nmap scan for HackTheBox machines. If I fail to find anything on the default 1000-port list, I'll run a scan of all 65535 ports. This type of scan can take a minute or two simply due to the amount of enumeration it is performing on the remote host. If you want to speed up the process you can drop the OS (-O) enumeration and add a -T5 flag. Running this particular Nmap scan on all 65535 ports can sometimes take 5-10 minutes, so be warned. Here are the results of our scan. As we can see, we have a few ports open. Also, if we didn't already know that this was a Windows machine, these port results in particular wou...

Group Overview - Evil Corp

This will be my first post in a series of posts summarizing various cyber actors, including APTs, cybercrime outfits, and hacktivist groups. I will mainly be discussing the history of each group and their known and documented activities throughout their existence. I plan on making additional summaries of each group that will delve further into their TTPs and other technical information to complement this summary. The first group I will be discussing is the Evil Corp cybercrime outfit. The group is also known to many by the name INDRIK SPIDER, which was coined by the cybersecurity company CrowdStrike. I decided to write about the Evil Corp group first due to the fact that they are still very relevant in 2020, as just a few days ago Symantec published a report discussing a widespread attempted ransomware attack against various U.S. companies carried out by the Evil Corp group earlier this month. Evil Corp is an extremely sophisticated threat actor. They are capable of developing their ow...