36 Topics

Immersive lab Ghidra, Ep2.
In this lab I have answered all of the questions except question 4 - "Using the function graph on the main function, what is the starting address of the last basic block?" It is not clear which block the "last" one is. I have entered the starting address of all basic blocks but none are correct. Is there some secret to this question that I haven't discovered yet?
4 Views, 0 likes, 0 Comments

Hacking tools
Just (re)entering the space of hacking hardware (I had a flipper, but it went boom after a fallout with a bottle of Coke and the rubbish attached lids we have in the UK). I am getting the stuff to build a Bjorn networking tool as a first project. In an "Oh-I-wonder-if-I-could-build-one-educational" activity... Has anyone built one before? What use did you get out of it? What other tools have people built?
27 Views, 1 like, 5 Comments

Dispatches From the Desert
This year, as in previous years, the Immersive Container 7 team arrived to attend briefings, talk to vendors, and get a glimpse into the state of security – or at least, how the vendors and researchers are showcasing it. Over the next five days, we’ll share our daily highlights, whether it’s our favorite talk, vendor session, or afterparty. You can read all about it over on our Container 7 Blog.
52 Views, 1 like, 5 Comments

CTI: Creating a proof of concept question
This question was asked in the Slido after today's community webinar: Operational CTI: Creating a Proof of Concept. I am posting here so that it can be answered. I understood the SharePoint vulnerability's exploitability to be rated 'easy' or 'low.' However, my experience in generating a Proof of Concept (POC) suggests it's quite difficult. Could you explain why the rating is what it is?
19 Views, 0 likes, 1 Comment

Snort Rules: Ep.9 – Exploit Kits
I am pulling my hair with question number 8: Create a Snort rule to detect the third GET request in the second PCAP file, then submit the token. This one should do it but it is not working.

alert tcp any any -> any any (msg:"detect the third GET request"; content:"e31e6edb08bf0ae9fbb32210b24540b6fl"; sid:1000001)

I tried so many rules based on the first GET header and still unable to get the token. Any tips?
56 Views, 0 likes, 1 Comment

Snort Rules: Ep.7 – Lokibot Infection Traffic
I need help with the last question please. I tried so many rules and I am still getting it wrong.

13 - Create a Snort rule to detect this User-Agent string in the HTTP header for connections using port 49167, then submit the token.

Tried this one, which to me should be able to work.

alert tcp any any -> any 49167 (msg:"User-Agent match"; content:"Mozilla/4.08 (Charon; Inferno)"; sid:5000031;)
alert tcp any any -> any 49167 (msg:"User-Agent Mozilla/4.08 (Charon; Inferno) detected"; content:"User-Agent: Mozilla/4.08 (Charon; Inferno)"; http_header; sid:5000020;)

Solved, 47 Views, 0 likes, 2 Comments

CSM Tip: Have A Summer Series! Are YOU Taking Advantage Of Summer?
Being the comedian I am, I was going to title this tip “Have Your Own Personal Summer Series” but I didn’t want the core message of this idea to get lost in my wacky humor.

Working with customers over the years across the globe, I’ve seen a trend. What is that trend? People on the team take their annual holidays to enjoy the weather, spend time with their families when the kids are out of school, spend more time in the fresh air away from screens, etc. Thus, structured programs and large projects wane a little bit as opposed to the fervor that resumes as autumn hits.

One of the ways customers overcome this and stick to their personal growth and development plans as well as the broad organizational/department plans is to host a “Summer Series”. What is that, you say? Well, it is sometimes a large group activity or challenge over the summer (have you checked out the challenge labs in the Exercise section of Immersive?). Or, it’s a weekly/biweekly/monthly “workshop” drop-in session that team members can attend (when they are not on their well-earned annual holidays) to learn more on a topic (come on, I KNOW you want to learn more about cutting-edge topics like secure coding in the age of integrated LLMs in your apps and systems).

So, be the voice on your team to suggest this or, like my wacky idea for a tip topic suggests, implement your own Personal Summer Series. You will be glad you did.
37 Views, 2 likes, 0 Comments