security

Keeping UFW Updated with Cloudflare Networks

Keeping your origin server properly locked down is an important step when running behind Cloudflare. This post explains how to automatically maintain Cloudflare’s constantly changing IP ranges using `ipset`, and how to integrate them with UFW so that only Cloudflare’s proxy network can reach your web ports. With boot-time restoration and scheduled updates, you can prevent direct-to-origin access, strengthen your firewall setup, and ensure all traffic continues to benefit from Cloudflare’s protection layer.

Wazuh and UFW in Ubuntu 24.04

Wazuh decoders for the Uncomplicated Firewall (ufw) from Ubuntu 24.04 do not work because they expect a different format of log entries. This article explains how to fix this with custom decoders and custom rules.

Write-up: Lockdown

Stay at 127.0.0.1. Wear a 255.255.255.0.

Write-up: Initial Access Pot

“We sell hundreds of DeceptiPots to the world every month, but we don’t even use them in our network. Show me the value of our product, test it well, and schedule the demo. Deadline – next Monday!”

This is the task Emily Ross received from the company CEO. As a newly hired junior IT personnel at DeceptiTech, Emily didn’t really know what to do but still decided to prepare for the demo: Configure DeceptiPot to replicate a corporate WordPress blog, deploy the machine in the corporate DMZ, expose it to the Internet, and see what it captures over the weekend. Little did she know, threat actors around the globe enjoyed testing the DeceptiPot, too! Can you find out how the attack on DeceptiTech started?

Write-up: The Sticker Shop

Your local sticker shop has finally developed its own webpage. They do not have too much experience regarding web development, so they decided to develop and host everything on the same computer that they use for browsing the internet and looking at customer feedback. Smart move!

Write-up: Injectics

Can you utilize your web pen-testing skills to safeguard the event from any injection attack?

Write-up: Whats Your Name?

Never click on links received from unknown sources. Can you capture the flags and get admin access to the web app?

This challenge will test client-side exploitation skills, from inspecting JavaScript to manipulating cookies to launching CSRF/XSS attacks.

Write-up: Biblioteca

Shhh. Be very very quiet, no shouting inside the biblioteca.

Write-up: Hammer

Use your exploitation skills to bypass authentication mechanisms on a website and get RCE.

Write-up: Extract

The librarian rushed some final changes to the web application before heading off on holiday. In the process, they accidentally left sensitive information behind! Your challenge is to find and exploit the vulnerabilities in the application to extract these secrets.

« Previous