Devesh Mitra - Devesh's InfoSec blog

Devesh Mitra

Decrypt Challenge from SANS HHC 2024

Decrypt Challenge from SANS HHC 2024

In the SANS Holiday Hack Challenge (HHC) of 2024, there was a challenge named "Decrypt the Naughty-Nice List", where we are provided with a file that has been encrypted with a ransomware called "Frostbit", and some artefacts from the machine the file was encrypted on. This

HackTheBox Cyber Apocalypse CTF 2024 Blockchain Challenges

HackTheBox Cyber Apocalypse CTF 2024 Blockchain Challenges

My write-up for the 4 blockchain challenges from HTB Cyber Apocalypse CTF 2024

ROPEmporium: Ret2CSU Write-up

ROPEmporium: Ret2CSU Write-up

In this post, I will be explaining my solution for the Ret2CSU challenge from ROPEmporium. The challenge can be found here: https://ropemporium.com/challenge/ret2csu.html ROPEmporium challenges are awesome for learning Return Oriented Programming (ROP) with small and fairly easy-to-analyse binaries. Ret2CSU is the 8th and (currently) final

HackTheBox Write-up: RedCross

HackTheBox Write-up: RedCross

This is my write-up for the HackTheBox Machine named RedCross. As usual, a large thanks to the creators of the machine who have put a lot of effort into it, and allowed me and many others to learn a tremendous amount. Let's get straight into it! A quick

HackTheBox Write-up: Vault

HackTheBox Write-up: Vault

This is my write-up for the HackTheBox Machine named Vault. I have to give a large thanks to the creators of the machine who have put a lot of effort into it, and allowed me and many others to learn a tremendous amount. Let's get straight into it!

Overview of DMA attacks

Overview of DMA attacks

This post is inspired by @marcing, author of pentests.pl. Thanks for your presentation Marcin! DMA or Direct Memory Access attacks involve using hardware components to directly access a computer's RAM (Random Access Memory) without needing to go through the CPU. This functionality is provided for performance reasons

HackTheBox Write-up: Sizzle

HackTheBox Write-up: Sizzle

This is my write-up for the HackTheBox Machine named Sizzle. I have to give a large thanks to the creators of the machine who have put a lot of effort into it, and allowed me and many others to learn a tremendous amount. Let's get straight into it!

12 Rules of Life and Principles for Success

12 Rules of Life and Principles for Success

I decided to change up my blog posts a bit. This time, I wanted to talk about general life principles that I like to follow. Both of the following are self help books, and both provide great tips for leading a happy and purposeful life. I learnt a lot from

Ransomware, AES Encryption and Decryption using PowerShell

Ransomware, AES Encryption and Decryption using PowerShell

I really enjoyed this year's SANS Holiday Hack (2018-19)! There were many great challenges, and many things to learn. My favourite challenge was a ransomware based challenge where we were asked to analyse a live malware sample which was based off the WannaCry ransomware. The malware was in

CySCA 2017 Corporate and IoT Challenges

CySCA 2017 Corporate and IoT Challenges

I had the privilege of testing the challenges written for CySCA 2017, and I thank the challenge creators for allowing me to test them and learn from them. Here, I will show my write-up for the Corporate and IoT challenges which I found really interesting. I hope you enjoy! CySCA

KringleCon - SANS Holiday Hack 2018-19

KringleCon - SANS Holiday Hack 2018-19

The below PDF includes my write-up for last year's SANS Holiday Hack Massive thanks to the SANS team behind the challenges! I really enjoyed them! https://drive.google.com/file/d/1GcheenECfVQ9HYpnbBQkxv2lEOlCWwbF/view?usp=sharing

Credential Risk in a Windows Environment

Credential Risk in a Windows Environment

This article is about credential risk in a Windows Environment. The scenario is as follows: You are an Incident Responder or Level 1 Analyst trying to determine why a server is acting strangely, or trying to triage a Security Incident. You use your administrator credentials or equivalent to remotely logon

LAN Turtle + Responder, how to defend

LAN Turtle + Responder, how to defend

The LAN turtle is a physical device sold by Hak5 that provides the user remote access to the network it is connected to. It comes with a female Ethernet port and a male USB port, allowing it to be connected to a network and a computer. The LAN turtle has

About Me

First post about me