Welcome to “cat root.txt” Write-ups

The contents of this blog are from my own experience and methodology on how I solved rooms in tryhackme.com and rooted boxes in hackthebox.eu. This is my personal blog and in no way I am getting paid by both hacking education platforms. THM and HTB do not recommend write-ups to be published in public when a room or box is new. THM room creators normally don’t want any spoilers, hints or write-ups within 3 days of releasing the room. For HTB, the box needs to be retired before write-ups get posted.

Entries:

LetsDefend: Ransomware Attack

Scenario: An end-user device was infected by ransomware. A memory dump was captured from the compromised machine, and it is our task as digital forensics investigators to find the evidence of the attack. The memory capture file that was provided to us is in .mans format which is a Mandiant Analysis File. This should give…

by lightkunyagami November 7, 2023

Try Hack Me: Traverse

This room was on 8/4/2023 and is rated easy in difficulty. Shout-out to the room creator, @1337rce. You can access the room at https://tryhackme.com/room/traverse. Scenario: Bob is a security engineer at a firm and works closely with the software/DevOps team to develop a tourism web application. Once the website was moved from QA to Production,…

by lightkunyagami August 7, 2023August 8, 2023

What You Need to Know If You Are Thinking of Taking the SANS SEC504: Hacker Tools, Technique, and Incident Handling and the GIAC Certified Incident Handler Certification Exam

Who is the SEC504 course for? The content of the course can be considered for beginners in the Cybersecurity field- if and only if you have basic experience with Linux CLI and Windows CMD or PowerShell. I will cite an example later on. But if you have not done any Linux commands such as cd,…

by lightkunyagami August 4, 2023August 8, 2023

CyberDefenders: AzurePot

This Blue Team challenge was published on April 20, 2023, on CyberDefenders.org. You can access the challenge at https://cyberdefenders.org/blueteam-ctf-challenges/101#nav-overview. Shoutout to Tyler Hudak for creating the challenge. I completed the challenge on the same day it was published. I got so hooked that I didn’t want to stop until I completed it. I rated the…

by lightkunyagami April 29, 2023

How To Revoke A Letsencrypt Certificate If You Don’t Have The Account That Issued It Or The Private Key

Have you ever been in a situation where your organization stopped using cloud service and then realized that a valid certificate is still tied to the old IP address that you were assigned? That is the exact situation we were in, a scammy-looking gaming site was using the same IP address that our organization was…

by lightkunyagami April 26, 2023April 26, 2023

Try Hack Me: Boogeyman 1 (BlueTeam)

This room was released on 4/14/2023 and is rated medium in difficulty. Shout-out to the room creator, ar33zy. You can access the room at https://tryhackme.com/room/boogeyman1/. This is a blueteam side of the cybersecurity field. The skills/tools to be tested and needed to complete this challenge are Phishing Analysis, PowerShell Log Analysis, Linux Commands, and Traffic…

by lightkunyagami April 16, 2023

CyberDefenders: BlackEnergy

This Blue Team challenge was released on February 19, 2023 from CyberDefenders.org. You can access the room at https://cyberdefenders.org/blueteam-ctf-challenges/99#nav-questions. Shoutout to @HouseOfStark for creating the challenge and also for being so responsive and kind in entertaining questions and inquiries about the challenge on Discord. I’ve had interactions with other creators where they just shrugged their…

by lightkunyagami February 23, 2023February 24, 2023

How to Setup Your Own Malware Analysis Box – Cuckoo Sandbox

I am writing this blog entry because I know I was not the only one who had trouble setting up my own malware analysis box – Cuckoo. I have tried many tutorials, both written and video recorded, and I could never make it work. Finally, I decided to work on it until I came up…

by lightkunyagami November 16, 2022November 16, 2022

Try Hack Me: b3dr0ck

This room was released on 8/26/2022 and is rated medium in difficulty. Shout-out to the room creator, @F11snipe. You can access the room at https://tryhackme.com/room/b3dr0ck. Scenario: Barney is setting up the ABC web server and using TLS certs to secure connections, but he’s having trouble. Here’s what we know: He established Nginx on port 80,…

by lightkunyagami August 26, 2022August 28, 2022

Try Hack Me: Hacker vs. Hacker

This room was released on 8/12/2022 and is rated easy in difficulty. Shout-out to the room creator, @Aquinas. You can access the room at https://tryhackme.com/room/hackervshacker# Scenario: The server of a recruitment company appears to have been hacked, and the hacker has defeated all attempts by the admins to fix the machine. They can’t shut it…

by lightkunyagami August 16, 2022

LetsDefend: Memory Dumper

Another good challenge from LetsDefend.io and kudos to this challenge creator, 0xCyberJunkie.sh. You can access the challenge through this link. I intentionally masked part of the answers so you will have to do the necessary steps to see the entirety of the the answers. Scenario: A Windows endpoint was recently compromised. Thanks to the cutting-edge…

by lightkunyagami August 8, 2022August 8, 2022

LetsDefend: PDF Analysis

WARNING: Do not open/run the pdf file on your local machine because it is malicious. Use the sandbox to analyze the file. Scenario: An employee has received a suspicious email. The employee reported this incident and mentioned that they did not download or open the attachment as they found the email very suspicious. They wish…

by lightkunyagami July 29, 2022July 29, 2022

CyberDefenders: GrabThePhisher

This Blue Team challenge was released on 7/23/2022 from CyberDefenders. You can access the room at https://cyberdefenders.org/blueteam-ctf-challenges/95. This is one of the easiest challenges I’ve ever encountered from CyberDefenders.org. This is a perfect challenge for beginners who just want to get their feet wet in doing hacking/IR challenges. The skills/tools to be tested and needed…

by lightkunyagami July 25, 2022

CyberDefenders: Mr. Robot

Note: I started with using volatility on my Windows machine, and eventually, I transitioned to working on my Linux machine. Pardon me for screenshots from different OSes. The first task in this challenge is to convert the VMWare Suspended State (.vmss) files to a memory dump so we can perform memory analysis. There is a…

by lightkunyagami May 20, 2022May 20, 2022

Security Blue Team: More Than Just a Cyber Defender Company, But Also a Mental Health Defender

This is going to be my first blog entry that has nothing to do with any TryHackMe, HackTheBox, CyberDefenders, or Security Blue Team write-ups or walkthroughs. Since my interest in cyber security began, I have always been enamored with the Red Team side of it. But, as I became sucked deeper into the Red Team…

by lightkunyagami May 5, 2022May 5, 2022

Load more posts

Loading…

Something went wrong. Please refresh the page and/or try again.

About Me

Hi, I go by “lightkunyagami” in the infosec/pentesting world. I am a husband to an amazing wife, a father to two wonderful kids. I work full-time as a Security Analyst for an organization in Salt Lake City, UT, and also an Airman in the U.S. Air Force. I am a regular on both tryhackme.com and hackthebox.eu, but mostly THM lately.

This blog will typically contain write-ups of rooms from tryhackme.com and boxes from hackthebox.eu.

For questions, email me at inquiries@beginninghacking.net

• Facebook
• Twitter
• Instagram
• YouTube

Subscribe to My Blog

Get new content delivered directly to your inbox.