Kicking some web exploitation CTFs around, just to keep my skills sharp. Right now just working on whatever picoCTF gives me. If anyone has another source they like, I'd love to hear about them!
New Open-Source Tool Spotlight
VISTA is a Python-based AI chatbot built using OpenAI GPT and LangChain. It integrates with Pinecone for vector databases, focusing on semantic search and managing context. Looks like a good starting point if you're exploring AI chatbot frameworks. #AI #Chatbots
Project link on #GitHub
https://github.com/RitikaVerma7/VISTA
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
I'm the first to call myself an IT Noob.. Professionally, I can explain the brain, down to receptor level, and including psychological endpoints - but since I am using Windows in my digital life I don't know anything there, really... still.. I am proud to say, I made it to Level 8 of Over the Wire without much prior knowledge of what SSH was, while watching the end of @hubertf 's CCC talk #ctf #lol Thank you!
Details 4/4
The power plant operators have contacted you to turn the tide. Regain admin access before it is too late. So get to the keyboard before the lights go out."
Details 3/n
The situation is coming to a head: Operation Blackout has been exposed, which forces HexSwarm to act quickly. However, they are still in the process of infiltrating one last power plant so that the destabilization leads to a complete blackout. To buy time, they have locked out the administrators and changed the password.
Details 2/n
After it initially seemed that only GridWatch from the neighbouring grid operator was affected, a power plant has now also become suspicious and has disconnected the compromised control center for the PLCs and OT from the internet. But HexSwarm was prepared: a dead man's switch triggered the automatic shutdown; the first instabilities in the power grid are already noticeable.
Details 1/n
"The notorious hacker group HexSwarm is planning the ultimate act of sabotage: a coordinated attack on CyberCity's power supply. Several power plants have already been infiltrated; disguised as harmless maintenance tools, they have planted malware in the systems.
Hands-on cybersecurity exercise (not only) for the energy sector as part of the Potsdam Cyber Games of the Hasso Plattner Institute: Operation Blackout
Details in the comments.
Probably the fastest two flags I have ever gotten in the web category
One week from now, @defcon CTF qualifiers will begin. Register now at https://quals.2025.nautilus.institute/ , game starts at 1744416000
Trying to decompile a rust binary... anyone got a useful program? Not ghidra, binary.ninja...
4/n
Who among you takes part in CTFs and is also from Regensburg?
3/n
For me personally, a great opportunity to train the practical side of cybersecurity in a team, alongside theory and organization.
2/n
There were exciting and challenging exercises, among others in the classic categories Open Source Intelligence (OSINT), Reverse Engineering, Binary Exploitation (Pwn), Coding and Secure Coding, as well as Cryptography (Crypto). Opportunities to learn more new technologies were available in the categories AI, Machine Learning (ML) and Blockchain.
1/n
The week before last and last week, Hack The Box held a CTF event with practical cybersecurity exercises. A small team from Regensburg took part, and out of more than 8,000 participants we managed to make it into the top 10.
New Open-Source Tool Spotlight
GhidraMCP is a Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.
Project link on #GitHub
https://lnkd.in/gRUrYpMx
How can a DNS mail record be used to trick you into giving up your login credentials?
Researchers at Infoblox have identified a phishing-as-a-service (PhaaS) platform called Morphing Meerkat that’s been quietly operating for over five years. What makes it notable is its use of DNS MX (Mail Exchange) records in ways rarely reported before. Instead of the usual static phishing page setups, Morphing Meerkat queries the victim’s email provider’s MX record—using DNS-over-HTTPS via Google or Cloudflare—to tailor the phishing page dynamically. This means victims are shown spoofed login interfaces that mimic the exact service they use, complete with matching branding and pre-filled email fields.
The platform supports more than 114 brand templates and uses obfuscated JavaScript to evade detection. It also includes built-in translation capabilities based on browser profile or geolocation, making the fake login pages appear native to the user's language. Earlier versions began in 2020 targeting just five email services (Gmail, Outlook, Yahoo, AOL, Office 365). By mid-2023, they could generate phishing pages dynamically using MX records and now operate in over a dozen languages.
Morphing Meerkat campaigns rely on a set of centralized email servers, primarily hosted by UK ISP iomart and US-based HostPapa, indicating a coordinated infrastructure rather than a loose network of attackers. The phishing emails often impersonate trusted services—banks, shipping companies, etc.—and are distributed using compromised WordPress sites, open redirects from platforms like Google’s DoubleClick, and embedded links in shortened URLs.
Once a user submits credentials, the system may display a fake “Invalid Password” error to lure them into re-entering data, after which they are redirected to the real login page. This not only reduces suspicion but also increases the chance of capturing correct credentials. Stolen data is sent back via AJAX, PHP scripts, or Telegram bots, sometimes with evidence removed in real-time.
This operation shows a deep understanding of modern security blind spots—including how content delivery and DNS infrastructure can be turned against end users.
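Detection logic for the behaviour described in the post above, added here as an example and not taken from the post or from Infoblox: it scans web-proxy log lines for DNS-over-HTTPS JSON lookups of MX records sent to Google or Cloudflare by a page on an unrelated site. The tab-separated log layout, the function names and the sample lines are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Public DoH JSON endpoints of the two providers named in the post.
DOH_ENDPOINTS = {
    ("dns.google", "/resolve"),
    ("cloudflare-dns.com", "/dns-query"),
}
MX_TYPES = {"mx", "15"}  # record type given by name or by number

# Constructed sample proxy log (assumed layout): client_ip <tab> url <tab> referer
SAMPLE_LOG = """\
10.0.4.17\thttps://dns.google/resolve?name=example.com&type=MX\thttps://landing.example.net/verify.html
10.0.4.17\thttps://cloudflare-dns.com/dns-query?name=example.org&type=15\thttps://landing.example.net/verify.html
10.0.9.3\thttps://dns.google/resolve?name=example.com&type=A\t-
10.0.2.8\thttps://dns.google/resolve?name=example.com&type=MX\thttps://dns.google/query
10.0.5.5\thttps://www.example.com/index.html\t-
"""

def is_mx_doh_lookup(url):
    """Return the queried domain if url is a DoH JSON MX lookup, else None."""
    parts = urlsplit(url)
    if (parts.hostname, parts.path) not in DOH_ENDPOINTS:
        return None
    q = parse_qs(parts.query)
    rtype = q.get("type", [""])[0].lower()
    name = q.get("name", [""])[0].lower().rstrip(".")
    return name if rtype in MX_TYPES and name else None

def find_suspicious(log_text):
    """Flag MX-over-DoH lookups triggered by a page on an unrelated site."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 3:
            continue  # skip malformed lines
        client, url, referer = fields
        domain = is_mx_doh_lookup(url)
        if domain is None:
            continue
        ref_host = urlsplit(referer).hostname if referer != "-" else None
        # A web page on another origin asking for MX records is unusual:
        # mail routing is normally resolved by mail servers, not browsers.
        if ref_host and ref_host != urlsplit(url).hostname:
            hits.append({"client": client, "page": ref_host, "mx_for": domain})
    return hits

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

Lookups with no Referer are skipped here to keep the rule quiet; a stricter variant could route those to a lower-priority queue instead of dropping them.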