Building Vulnerable Machines: Part 1 — An Easy OSCP-like Machine

Apologies for the delay; I have been away on a “pseudo-holiday”, or “service break” — I’ve been wanting to write something security-related this month, but found myself a little out of time. This series will be broken into three parts. Part 1: General Design Principles Part 2: Building a Machine (with an example) Part 3:…

Digital Defence

It’s Total Defence Day in Singapore today. And for the first time in thirty-five years, there has been an update to the framework. Introduce Digital Defence. This was probably much called for, considering how the theatre of warfare has transcended physical space into the digital space. The subject of digital warfare is too complicated to…

The Year of the Smartphone

It was Lunar New Year festivities, once again. For Kate and her brother, Charles, it was a festive occasion once again. Kate could return to her grandmother’s home to show her her latest single. Charles wanted to gorge on as much food as possible, and collect as many angpows as he could. The family soon…

What Might the Future Hinterland Be?

On Wednesday, I attended a lecture on Singapore’s development as a port city. It coincided with our bicentennial since the arrival of Sir Stamford Raffles on Singapore’s shores in 1819. Throughout history, Singapore as a small territory was in search of a hinterland. Most successful cities operate on the premise of having hinterlands that support…

Another Year?

“So, what are your resolutions for the new year?”“I shall think about it tomorrow, on New Year’s Day.” Ok, now that it is New Year’s Day, now what? First, let us perhaps take stock of some of the key resolutions. There were hits and misses. Passing the OSCP. A hit after plenty of sufferance. 🙂…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 3 of 3

#offsec #pentest #training #tryharder Say “try harder”… Here I will deviate from most typical OSCP reviews and discuss a little about creating machines. If we can break machines and obtain administrator privileges, can we create them? One way to get good at a subject is to approach it from different perspectives. For instance, we peer-tutor…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 2 of 3

#offsec #pentest #training #tryharder I want to try harder and earn my OSCP! What should I do? Well, this part of the review is meant for you! How Much Did the Author Know Before Taking the OSCP? Unlike most people who took the OSCP, I took it knowingly that my fundamentals were not good. After all, my background…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 1 of 3

#offsec #pentest #training #tryharder (Note to all who have read Part I on my other page — yes, I’m in the midst of shifting my blog; this is a replication of Part I on my previous site, with very minor edits.) (WARNING: This review is very cheesy. If you can’t take it, try harder.) Many a…

Introduction to the Digital World — Part 5 of 5

In the previous part, we discussed the subject of “information assurance (IA)” in the physical context. The digital context is similar, and this time, I will use e-government as an example. Let us use the scenario where a citizen, Bob, wants to access a government web application to modify the dates where Bob needs to…