all InfoSec news
30 days of CTF: lessons learned
July 3, 2022, 11:36 a.m. | jmau111
DEV Community dev.to
30 days in a row! It's cool so far. Here are some thoughts.
First episode here:
21 days of CTF: lessons learned
jmau111 ・ Jun 25 ・ 3 min read
#cybersecurity
#security
#ctf
7 thoughts for attackers
1. Stealing capabilities
A pretty bad server configuration allows escalating root privileges by manually setting permissions for common binaries such as Python.
In the last CTF I've played, I did not need to run a sudo command. A simple local user was enough: …
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
XDR Detection Engineer
@ SentinelOne | Italy
Security Engineer L2
@ NTT DATA | A Coruña, Spain
Cyber Security Assurance Manager
@ Babcock | Portsmouth, GB, PO6 3EN
Senior Threat Intelligence Researcher
@ CloudSEK | Bengaluru, Karnataka, India
Cybersecurity Analyst 1
@ Spry Methods | Washington, DC (Hybrid)
Security Infrastructure DevOps Engineering Manager
@ Apple | Austin, Texas, United States