Immersive lab Ghidra, Ep2.
In This lab I have answered all of the questions except question 4 - "Using the function graph on the main function, what is the starting address of the last basic block?" It is not clear which block the "last" one is. I have entered the starting address of all basic blocks but none are correct. Is there some secret to this question that I haven't discovered yet?
Kusto Query Language: Ep.7 β String Processing Q4
I am stuck in Q4, and it seems that the query matches the requirements of the question and generates exactly what it is asking for. However, the lab does not accept the full substring command used in the query as the correct answer. Please let me know if I am missing anything. Thank you.Hacking tools
Just (re)entering the space of hacking hardware (I had a flipper, but it went boom after a fallout with a bottle of Coke and the rubbish attached lids we have in the UK. I am getting the stuff to build a Bjorn networking tool as a first project. In a "Oh-I-wonder-if-I-could build-one-educational" activity... Has anyone built one before? What use did you get out of it? What other tools have people built?Dispatches From the Desert
This year, as in previous years, the Immersive Container 7 team arrived to attend briefings, talk to vendors, and get a glimpse into the state of security β or at least, how the vendors and researchers are showcasing it. Over the next five days, weβll share our daily highlights, whether itβs our favorite talk, vendor session, or afterparty. You can read all about it over on our Container 7 Blog.
CTI: Creating a proof of concept question
This question was asked in the Slido after today's community webinar: Operational CTI: Creating a Proof of Concept. I am posting here so that it can be answered. I understood the SharePoint vulnerability's exploitability to be rated 'easy' or 'low.' However, my experience in generating a Proof of Concept (POC) suggests it's quite difficult. Could you explain why the rating is what it is?
Snort Rules: Ep.9 β Exploit Kits
I am pulling my hair with question number 8 Create a Snort rule to detect the third GET request in the second PCAP file, then submit the token. This one should do it but it is not working. alert tcp any any -> any any (msg:"detect the third GET request"; content:"e31e6edb08bf0ae9fbb32210b24540b6fl"; sid:1000001) I tried so many rules base on the first GET header and still unable to get the token. Any tips?
