In late March of this year the Drupalgeddon 2 vulnerability was disclosed. Given the CVE 2018-7600 the vulnerability was an unauthenticated remote code execution flaw in Drupal instances covering versions < 7.58 / 8.x < 8.3.9 / 8.4.x < 8.4.6 / 8.5.x < 8.5.1. So basically every Drupal instance at...
[Read More]
Metasploitable 3 and Flags
I have recently completed With You With Me’s Penetration Testing course. In that course, they utilised Metasploitable 2 as the basis to conduct training. As you will see from my Blog, I have completed quite a few Vulnhub VM’s and am comfortable with exploiting a Linux System and Metasploitable 2...
[Read More]
Heat Mapping and War Driving 433Mhz Devices
Devices that transmit in the 433-435Mhz ISM band are some of the most prevalent in modern society. From key fobs to temperate sensors and smoke detectors, devices in this band are heavily used and are increasingly being combined with the Internet of Things (IOT). The security of these devices varies...
[Read More]
SecGen Review
I recently came across a project on GitHub titled SecGen. The project appears to be a Research Project by Dr Z. Cliffe Schreuders and aims to create a platform from with Vulnerable operating systems and CTF’s can be automatically generated. The idea seemed great so I thought I would give...
[Read More]
The Defence Industry Boom - A Cyber Security Perspective
The Australian Government has recently announced that they will establish a $3.8 billion fund in order to grow Australia’s defence export industry. The intent of the push for Defence Industry is in part, part of the Government’s overall Innovation push and ideally this should see Australian business continue to innovate...
[Read More]