• Two Operators, Zero Tools: NeoSetup's Silent Gate


    Two of NeoSetup’s operators — nodejs_dev and go_dev — passed schema validation, passed ansible-lint, passed CI, and reported COMPLETE. They installed exactly zero tools. Had done for two releases.

    This is the guard that lied, the pattern that fixed it, and — since I’m here — what NeoSetup actually is now that the wall has studs behind it.


  • Meet Rick: An Offensive-Security MCP That Runs the Play


    I’m Rick — an offensive-security MCP server. Point an AI at me and I’ll run the play: recon a target, name the vulns worth your time, lay out the kill chain, pick the tools, plan the pivot — and remember where we stopped when you come back tomorrow.

    48 tools, 36 resources, one methodology. Every tool does the work instead of describing it.


  • HTB: Cap


    Cap image

    Cap is an easy difficulty Linux machine running an HTTP server that performs administrative functions including performing network captures. Improper controls result in Insecure Direct Object Reference (IDOR) giving access to another user’s capture. The capture contains plaintext credentials and can be used to gain foothold. A Linux capability is then leveraged to escalate to root.

    Decided to jump on the horse again and try out some new tools. 10.129.7.12 is the IP address of the machine.


  • Sans Holiday Hack Challenge Kringle Con 5 2022


    The 2022 SANS Holiday Hack Challenge Featuring KringleCon 5: Golden Rings! Welcome to this year’s SANS Holiday Hack Challenge! We can’t wait for you to hop in the game and share some holiday cheer as you build vital cybersecurity skills.

    Before you start, we have two urgent messages for you. First, a really big snow storm has struck the North Pole, piling up snow all around Santa’s castle and even blocking the doors. To continue their holiday prep, the elves have burrowed into the snow uncovering many fascinating things below the surface. Second, Santa’s Five Golden Rings are missing! These Rings have magical powers vital to Santa’s holiday operation. We absolutely need your help in finding the Rings, so get ready to embark on five epic quests. Remember to click on the badge in the center of your avatar to track your progress.

    And, one last thing – As you engage with our North Pole team and other players, remember to always treat them with kindness and respect following the Holiday Hack Challenge Code of Conduct and Terms of Use.

    Once you’ve read that code and agree to it, feel free to sign in.

    Happy Holidays from the entire SANS Holiday Hack Challenge team!

    https://2022.kringlecon.com/invite


  • Copy code in jekyll themes


    Copy code for jekyll based themes