Wiresharking for Fun or Profit
Wireshark is an open-source network packet analyzer that allows live traffic analysis and supports several protocols.
Wireshark also allows network forensics, which is handy for CTFs, for example (check my writeups for the D-CTF Quals 2014 and for the CSAW Quals 2014 in Networking and Forensics).
In this blog post ...
Exploring D-CTF Quals 2014's Exploits
Last weekend I played some of the DEFCAMP CTF Quals. It was pretty intense. For (my own) organizational purposes, I made a list of all the technologies and vulnerabilities found in this CTF, some based on my team's game, some based on the CTF write-ups git repo.
Vulnerabilities
Remote ...
CSAW CTF 2014 - Networking 100: "Big Data"
This is the only networking problem, and it is only 100 points, so it turned out to be very easy.
The problem starts with the following text:
Something, something, data, something, something, big
Written by HockeyInJune
Inspecting the Wireshark File
The file extension .pcapng corresponds to files for ...
CSAW CTF 2014 - Forensics 200: "why not sftp?"
The purpose of this problem is to teach about the need for encrypting your data. The FTP protocol sends clear text over the wire, i.e., the data is transmitted without any encryption. SSH/Secure File Transfer Protocol is a network protocol providing secure file transfer. Using SFTP, instead of ...