Year In Review-2020

In this post, I look back on all the stuff that I did in 2020...

December 31, 2020 · 10 min

Exploiting Exported activities in Android apps

This blog post doesn’t teach you the very basics of the android app, it just talks about the exported activity and their exploitation...

November 7, 2020 · 6 min

Google Summer of Code 2020

This year I got selected for Google Summer of Code 2020 under The Honeynet Project. This year GSoC was very special for me because I finally got selected for the organization, for which I’ve been trying to get selected from past 2 years. Background I got to know about Google Summer of Code back in 2018, when I learned that my elder brother has done it 3 years in a row....

September 18, 2020 · 11 min

Analyzing Snare and tanner data

I had Snare & Tanner running on two different digital ocean’s droplets. I just wanted to see what juicy data I can get using this honeypot. How I deployed it is a different story and I’ll write a different blog post for that. In this post, I just wanted to share small code I wrote as well as some graphs I was able to generate using them. Downloading data using Tanner API Tanner doesn’t support any inbuilt export option(yet) but it has an API so I wrote a small python script to download data from my tanner API and store it in a JSON file....

May 31, 2020 · 2 min

Running your own Bombsquad server

If you just want to know how to setup bombsquad jump to The setup section and if you are interested in backstory, continue reading. Back Story Few days into the COVID-19 lockdown and I was already getting bored. I mean I was spending my time either doing my college assignments, that were supposed to be submitted on Google Classroom, or I was just doing various kind of challenges like Pentesterlabs, VMs from Vulnhub....

April 19, 2020 · 6 min

Review of Autopsy online training

It’s been a while since I wrote any blog post. Since this lockdown is going on I decided to learn a few new things from online courses. I came to know that Basic technology was offering their autopsy basics and hand on (8-hours) training course, worth $495, for free during this COVID-19 crisis. So I decided to take the course since I’m very much interested in digital forensics. My very first encounter with digital forensics was in one of the CTF, named otter CTF, that I played with OpenToAll....

April 18, 2020 · 4 min

Getting Started with Docker

What are Docker containers? Docker containers are a smaller version of Virtual Machines with farless overheads and lot for flexibility. If you want to isolate different services on your system then you can make multiple dockers images for each service and run them, separately. How it works? Well all you need to do is make a file named Dockerfile which would contain the rules/instructions of what all has to be done in that container and then you start the build of your container....

February 5, 2020 · 5 min

Linux Privilege escalation

If you do all the HackTheBox, Vulnhub etc VM you will understand the feeling of getting a reverse shell on the machine but we know that you’re far from home. Finding the right vector for escalating your privileges can be a pain in the ass. I’m going to share some of the methods I completely depends upon for finding those vulnerable vector that helps to escalate privilege on Linux system....

February 1, 2020 · 5 min

My eJPT experience

Like every Infosec enthusiast I want to do OSCP certification program but when I was reading about it I came across this ceritificate named eJPT so I decided to read about it. Lot of people recommend eJPT as the stepping stone for other bigger certificates like eCPPT or OSCP. After reading numerous reviews and blog posts about eJPT, I decided to take it. The main reason I took this certificate was to gain some confidence for OSCP and also to improve my resume....

January 15, 2020 · 6 min

Working with Predictable Network Interface Names and netplan

Recently I was working on making a new Virtual machine for Vulnhub(it’s in beta right now) and one of the issues I came across was the problem of not having any interface except the loopback (lo) in the newly created VM. Now setting a new interface is easy but What I wanted was to set Dynamic DHCP IP so whenever someone starts the VM it’s assigned an IP using which they can attack the box....

November 16, 2019 · 3 min

Capture the flag!!

Okay, I gotta start by saying that it been a long time. The last thing I remember was trying to figure out how to rebase my pull requests on Kodi’s repository and praying to pass my first GSoC evaluation. Well, as of now I have passed all the GSoC evaluations, received all my stipend and missed a great trip to Sofia, Bulgaria, yup missed it, but that’s a story for next time....

October 19, 2018 · 2 min

Google Summer of Code 2018 with XBMC foundation

I got selected as a Google Summer of Code student in XBMC foundation (a.k.a Kodi) for the project [Static code analysis in Kodi’s addon-check tool](Static code analysis in Kodi’s addon-check tool). Result came out on April 23 09:30 PM IST. I know it was 2 months ago but I couldn’t get myself to write about it - you can say I was “busy” ;) What is GSoC ? Google Summer of Code is a global program focused on bringing more student developers into open source software development....

June 27, 2018 · 3 min

Hello World

My First Blog post...

May 26, 2018 · 1 min