Recent
Squid Game CTF - Hc0n 2023
·3123 words·15 mins
secu
Defense Evasion
kraken
webshell
redteam
ctf
Squid Game is a CTF created for the congress: Hc0n 2023. It consists of three Boot2root style challenges through an initial web access. The objective of the challenges is: to perform a post-exploitation via webshell on restricted environments and to gain privileges. In this post, we will show the proposed solutions for these challenges.
Kraken Fundamentals - II
·2834 words·14 mins
secu
Persistence
Defense Evasion
kraken
webshell
redteam
Two fundamental pieces of Kraken’s logic are the Modules and Agents. Through these components, you will understand how Kraken performs code execution and takes advantage of its design and architecture to provide the operator with some flexibility and comfort during the post-exploitation phase.
Kraken Fundamentals - I
·1152 words·6 mins
secu
Persistence
Defense Evasion
kraken
webshell
redteam
Kraken is a tool for orchestrating webshells developed in PHP, Java and .NET. This is the first post of the Kraken Fundamentals series, where we will talk about how the tool is designed and how it works.