Setup a Wireguard VPN Server

Introduction Welcome to another blog post, today I’m going to show you how to setup a secure Wireguard VPN server. WireGuard is a modern, fast, and secure VPN protocol that provides excellent performance and encryption. In this tutorial, we will explain how to set up a secure WireGuard server on Linux. For this demonstration and walkthrough I will be using Ubuntu 22.04 on a 1vcpu 1GB Memory VPS hosted on www.

Securing Web Apps With Authelia

Introduction Welcome to another blog post, today I’m going to show you how to secure web applications with Authelia! Authelia intregrates into many common reverse proxies to add authentication in front of web applications, for example you have a website that you want to implement multi-factor authentication in front of it, Authelia has you covered. Authelia supports single factor and multi-factor, allowing you to authenticate with a one time passcode or even a yubikey!

Self Host Tailscale Derp Server

Introduction Welcome to my post, today I’m going to show you how to deploy your own Tailscale DERP server using a docker container I built myself! For this demonstration and walkthrough I will be using Ubuntu 22.04 on a 1vcpu 1GB Memory VPS hosted on www.binarylane.com.au. I highly recommened BinaryLane as they provide fast and reliable VPS solutions and even dedicated servers! Prerequisites Linux Server Docker (Docker Installation Docs) Git https://github.

Evilnginx2

DISCLAIMER: All infrastructure, accounts and domains were used temporarily on accounts and domain I own and were not used to conduct real phishing attacks. DO NOT attempt to attempt phishing attacks on users without their prior permission. Introduction Evilnginx2 is a reverse proxy type phishing kit/framework, designed to be the man in the middle between a user and a service such as Microsoft 365. It is simple to use requiring simply a linux server with docker installed, it’s small enough also that it can be run on a AWS ec2.

KringleCon 2022 Jolly CI/CD

Hello, this is my write up of the Jolly CI/CD challenge for kringlecon 2022. The aim of this challenge is to expoit the CI/CD pipeline and gain access to the wordpress server. I can say this is a pretty difficult challenge and really gets you thinking. The challenge requires knowledge of git and how CI/CD pipelines work. Note: This challenge does take 4-5 minutes to start all of the containers required for the challenge.

KringleCon 2022 Prison Escape

Hello, this is my write up of the Prison Escape challenge for kringlecon 2022. The aim of this challenge is to escape a container aka a container breakout. I must admit I did run down a rabbit hole when doing my first attempt but once I realised the answer it became quite obvious. Below here we have the starting terminal which you see when starting the challenge. Typically the first thing I do when I have a shell whether it be a vm or container is check whether I have sudo privileges, most often than not low privilege users are given more sudo privileges than they actually need, this creates a security risk and path for an attacker to escalate to root.