CKAD from Linux Foundation!

To a new reader, a quick glance at my writing history would suggest that I am a cyber security engineer which is absolutely correct. But then why would I study for something like CKAD which is mostly aimed at developers and devops engineers?

Devops is one of the fastest growing fields in computer science. Almost everyday a new tool or an update comes up and one has to be on their toes all the time. Being a security guy, my ultimate interest lies in the security of devops i.e. devsecops. What I have come to realise that it’s almost impossible…


Image credits:https://arctouch.com/blog/kubernetes-docker-containerized-apps/

Before we proceed : This is not a cyber security related blog , this is just a quick blog of deploying a simple web application with a database attached. It’s actually quite a noobish blog, however I wanted to document the process of deploying the application from scratch (except code which I have stolen from another source). This might become unnecessarily long for some as I’ll be putting in each error I was thrown at and how it was solved, but it’s a necessary lesson to not do anything theoretically and always go ahead and implement something because the struggle…


Vulnhub!

Back again with the first OSCP look alike box writeup of this year . This box requires a little bit of attention to detail and out of the box thinking not to mention once you figure it out, you would be surprised to see how easy it was ! Let’s get started with this :-

Link to the machine :- https://www.vulnhub.com/entry/double-1,632/

Full nmap port scan:-


Vulnhub!

Hey guys! Back again with what could possibly be this year’s last documented Vulnhub walkthrough. As usual , the trend has been documenting the OSCP like boxes which might be useful for OSCP aspirants and also in general to keep in touch with my skills acquired from OSCP . This is again a very nice machine from which even I learnt a few useful tips and tricks. Honestly , the box was extremely straightforward and also very real as well! So let’s start !

Full nmap port scan:


What is Trivy?

Trivy is a simple vulnerability scanner developed by aquasecurity for scanning containers and other artifacts .It is mostly used for static analysis. It is suitable to integrate with CI phase of pipeline . Aquasecurity is widely know for building security tools towards container and pipeline security . Trivy is available in github here .

What does Trivy do?

As suggested above, it is a vulnerability scanner which is mostly helpful for detecting container level vulnerabilities and dependencies.At it’s core, it is mostly a CVE scanner useful for finding missing patches and already existing and publicly disclosed vulnerabilities…


Been on a vulnhub spree as of lately because of boredom I guess. This is again a very easy and simple machine . Let’s start off.

Full port nmap scan :


Very nicely made machine again for OSCP guys! . Kudos to vulnhub for bringing out really top notch machines ever since the collaboration with offsec. Let’s start right away :

As usual, a full nmap port scan:


Vulnhub

This is again a very easy level machine good for beginners and for people who want to keep in touch with your basic skills. Highly recommend it for oscp starters as a practice.

The download link is as given below:

As usual, we start with a full port nmap scan:


The red team lab!

So recently I acquired my CRTE. My resolution this year was to acquire my personal big 3 i.e. OSCP,CRTP and CRTE. I am happy to share that in a span of 7 months I have all three supposedly considered top level certifications. It has come at the back of lot of hard work and dedication and I am proud that I was able to clear all these and learn so much quickly all in my final year of bachelor’s degree of college . You can find my reviews for the other certs in my blog list if you want :)
Before…


Vulnhub!

Excellent beginner level machine for OSCP aspirants. Nowadays vulnhub has definitely increased the bar of machines and post a lot of realistic machines (unlike HTB which usually post CTF type machines which are almost impossible to solve for me without a few hints) . Let us solve this machine.

Machine link: https://www.vulnhub.com/entry/bbs-cute-101,567/
As usual , I like to run a full port nmap scan.

Arnav Tripathy

Cats, pizza and cyber security are all I live for! Follow me for a wide variety of topics in the field of cyber security. OSCP ,CRTE , CRTP ,CKAD holder.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store