January 1, 2016

2015 in review

2015 has been quite the year for me! For one, I started blogging about information security and software development. I added a category for hardware, but I haven’t been able to dive very deep into those projects (yet). This blog post will be a review of all of the content I’ve blogged about, hopefully it’ll be a good collection of how much I’ve grown. To prove I really am what my tag line says; that I’m better than I was a year ago.

December 21, 2015

Monitoring Honeypot Output

Last week I posted in Hacking about installing a Honeypot to record SSH traffic. Since it was installed, I’ve been working on easily monitoring of the output. Michel Oosterhof, the creator of Cowrie, has done a lot of development work to create some awesome logging output from the honeypot. There are a lot of different options and you can even store output in a mySql database. I found instructions for that on a wordpress blog.

December 18, 2015

Cowrie Honeypot Installation

Who likes honey? I know I do. Unfortunately Cowrie isn’t the like of honeypot you might imagine. Instead of thinking source of deliciousness, think something you will get your hand stuck in. In security terms a Honeypot is where a system is set up to record everything that’s going on. In those terms, cowrie is a SSH monitor that tracks everything that happens over an ssh connection. This is a project that I started with @Taco_Pirate.

December 11, 2015

My First Presentation: Web Hacking

Tuesday December 8th was the last meeting of the semester for Spartan Hackers and I gave the presentation. A group of students at Michigan State University who go to hackathons and want to learn more about computer science. Each week we have workshops to introduce new things to our members, topics vary from “Intro to HTML” to “Web Scraping”. The original idea was to have a security company come in and talk with us, but that fell through at the last minute.

December 7, 2015

Exploiting BWA (Broken Web App)

Two posts ago, I wrote a quick post about installing OWASP’s Broken Web App. This post will be about exploiting the BWA and by that I mean I’m sharing my experience following existing proof of concepts and walkthroughs. For example, reported vulnerabilities from sourceforge and video walkthroughs on irongeek.com. This post assumes you have the OWASP BWA virtual machine up and running and that your target VM’s IP address is mapped to owaspbwa.

December 4, 2015

Python Anywhere

I wanted to do a quick write up of the last project I did for class, it was a scoreboard app written in Python and used Flask. For extra credit we could host it on Python Anywhere. The app also uses SQLlite for the database. All of the development work was done using PyCharm. One of my Media and Information classes has a lot of programming based projects. We used two main different languages and IDEs to get them done, the final for the class and the early projects was done using C# and Unity, while the end of the class utilized Python and PyCharm from JetBrains.

December 1, 2015

CBI and social media

** Disclaimer: While this post is about security; it’s also doubling as my homework for MI 201 at Michigan State University ** Creative Breakthroughs, Inc. or CBI is a IT risk management company that was founded in 1991. Their motto is to keep data “secure, compliant and available”. They work with other companies to train them, review their security policies, and more. CBI has their own website with a blog and CBI is also on Facebook, Twitter, and LinkedIn.

November 25, 2015

Installing BWA (Broken Web App)

OWASP Broken Web App (BWA) is a safe place to practice some fun stuff and is basically a collection of applications to test everything security related. OWASP has a few projects like Web Goat, Security Shepherd, and more. Broken Web Apps is a collection of these guides and some outdated apps to test your developing skills. Install All The Things! In order to set things up, it’s important to have everything you need installed.

November 21, 2015

My first CTF: ruCTFe 2015 w/ #Misec

I know there is a lot of different people reading this post; mentors, coworkers, students, friends and family. So I’ll be as thorough as possible to cover all the bases. Mainly because I’m very excited about all of this and I want to write down all of the details before it gets too late. (Feel free to skip a paragraph if it gets too boring) what’s ruCTFe? First off, it is capture the flag!

October 24, 2015

Assembling a Delta 3D Printer

Hey everyone, it’s been a while since I’ve written something about hardware. I’ll share a current project of mine that has taken some interesting turns. Something that is all the age right now is 3D printing. Most assembled printers range from $400 to $800 and that can range on a lot of things from filament type to the hardware in use. Kits generally run cheaper, because you have to assemble them yourself.