Summer Camp 2020: Web Application Exploitation

July 8, 2020September 9, 2020Leave a comment

Aaron James
Aaron James walks us through how he would solve the Summer Camp 2020 – Web Application Exploitation challenge: Black Mesa.

Summer Camp 2020 – Password Cracking

July 1, 2020September 9, 20201 Comment

Hush1e
Hush1e takes a break from drinking coffee and imperiling mailboxes to walk us through how she would solve the Summer Camp 2020 – Password Cracking challenge: Cracking for Coffee.

Hiding in Plain Sight: Steganography Tricks and Tips

March 2, 2020October 6, 2020Leave a comment

John "Mako" McGill
Who uses bitmap images anymore? Data smugglers, primarily! You're instantly suspicious that there's more to a file than meets the eye, but how can you uncover its secrets? Mako exposes the etymology, purpose, tricks, and tools of steganography and recommends additional means of practice.

Beginner Tips and Tricks for NCL Wireless Access Exploitation (Now Part of Network Traffic Analysis)

February 27, 2020September 19, 2020Leave a comment

MistressVenom
You've installed your Kali VM and have a packet capture from NCL. Wireshark revealed the network ESSID and victim and attacker MAC addresses, but where is that wireless password? MistressVenom shows you how to run aircrack-ng—in style.

Secret Information in Network Traffic Logs: NTA for NCL

February 19, 2020September 6, 2020Leave a comment

Paul Buonopane
Improving your Network Traffic Analysis techniques can mean the difference between spending hours on a challenge and solving it in 5 minutes. Paul Buonopane demonstrates how to filter large packet captures in Wireshark and reassemble fragmented files from packet data.

Sharpening the Axe: How to Cut and Carve Logs in the NCL

February 17, 2020September 6, 20201 Comment

John "Mako" McGill
Parsing log files is an art form, not unlike sculpting—"cut away all the parts of the wood block that are not the bear." In place of an axe and knife, Mako shows us how to whittle the bear from the log using grep, regex, awk, sed, uniq, sort, and pipe!

Where to Start with Wireless Access Exploitation (Now Part of Network Traffic Analysis) for the National Cyber League Games

October 1, 2019October 24, 20201 Comment

JeanaByte
JeanaByte walks us through how she would solve a sample Wireless Access Exploitation challenge, from picking through a packet capture in Wireshark to navigating the Aircrack-ng command-line interface.

Everything You Need to Know About Password Cracking for the National Cyber League Games

September 24, 2019September 6, 202011 Comments

CryptoKait
The most important skill to cultivate for NCL's Password Cracking domain is using the correct wordlist! This guide alone should get you through all the Easy and Medium challenges. CryptoKait demonstrates how to use a premade wordlist, create an enumerated wordlist, and generate your own wordlist from scratch.

Intro to Scanning for the National Cyber League Games

September 10, 2019September 6, 20201 Comment

WebWitch
WebWitch introduces Nmap, demonstrates how to tailor (and troubleshoot) your service scans to meet your NCL competition needs, recommends resources for mastering more features, and cautions against common mistakes.

Leaping into Log Analysis

August 27, 2019November 7, 20215 Comments

WebWitch
Log analysis becomes very important when you're trying to identify the source of a breach. WebWitch consults their command-line spellbook to summon forth the fundamental tools of log analysis, and shares their pro tips for preserving accuracy.