• Posts
Introduction
Try-Hack-Me
• Threat Hunting with Yara
Boxes
• Hack-the-Box
  • Privilege Escalation
  • Public Exploits
Weekly CVEs

Weekly CVE: CVE-2025-12345

Overview CVE-2025-12345 is a critical vulnerability in XYZ software that allows remote attackers to execute arbitrary code via a specially crafted payload. Details Severity: Critical Affected Versions: XYZ 1.2.3 and earlier Patch Available: Yes (Update to XYZ 1.2.4) Mitigation To mitigate this vulnerability, update to the latest version of XYZ software and ensure your systems are protected by a firewall. References NVD Entry Vendor Advisory

• CVE
• Security
• Vulnerability

Thursday, June 5, 2025 | 1 minute Read

Threat Hunting with Yara

Introduction First off, YARA has one of the best names of a tool. It stands for “Yet Another Ridiculous Acronym.” Respect. There’s a good explanation of YARA here: https://docs.virustotal.com/docs/what-is-yara Essentially, YARA is an open-source tool designed to help malware researchers identify and classify malware. Think of it as a supercharged search engine for finding malicious software. It works by using rules that define patterns to look for in files. These patterns can be specific strings of text, hexadecimal values, or even regular expressions.

• box
• review

Wednesday, November 20, 2024 | 5 minutes Read

Privilege Escalation

Intro Today’s walkthrough goes over some basics with lateral movement and privilege escalation. We’re not too far into the weeds of enumeration yet, but let’s dive in. This box can be found here: Hack The Box - Academy - (you will need active access to HTB Academy) Research We’re given a box to ssh into, with the user: user1 and password password1. Our task is to SSH to the server with the provided credentials and, after logging in, try to find a way to move to user2, to get the flag in /home/user2/flag.

• box
• walkthrough

Sunday, July 7, 2024 | 4 minutes Read

Public Exploits

Intro In this intro to using public exploits, we’re going to “Try to identify the services running on the server above, and then try to search to find public exploits to exploit them. Once you do, try to get the content of the ‘/flag.txt’ file.” This box can be found here: Hack The Box - Academy - (you will need active access to HTB Academy) Research First, we took our spawned target: 94.

• box
• walkthrough

Monday, July 1, 2024 | 5 minutes Read

Introduction

Hi! I’m Brinton. I’ve been working in tech for more than a decade and I’ve been a nerd for as long as I can remember. I mostly created this site to document some things I’ve learned along the way. This is also a place I keep some tutorials, walkthroughs, and references (mostly for me) that others might find useful.

Monday, January 1, 1 | 1 minute Read