In The Cyber
Published on
InTheCyber is a company with the aim of increasing the real effectiveness of defense systems adopted by companies to protect their information assets and their strategic assets, so it boasts an excellent team both in the Offensive and in Defensive Security.
I spent a lot of time at ITC in close contact with the Offensive team, or even “RED”. With them, I solved several challenges found on the net, but the real added value was being able to do it with the method that real Pentesters use.
The list of exercises I’ve done is as follow:
Hackxor | DVWA | VulnHub | HackTheBox |
---|---|---|---|
Balance Check | SQL Injection (3 livelli) | Kioptrix_level_1 | LaCasaDePapel |
Asset Management | Code Injection (1 livello + revers shell) | Mr. Robot | WriteUp |
CTRL+Z | Kioptrix_level_2 | Querier |
Exercise after exercise I was taught the basics of approaching an infrastructure to repent of, what to focus on, where to find useful resources, and much more. It was fortunate to have done this period after the conclusion of “CyberChallenge”, so as to be able to refine all the info that “CyberChallenge” has left in my mind in a somewhat dispersed and sometimes unclear way.
From this experience I take home various ideas and suggestions that I will be able to improve and expand over time, one of them all, to enter the world of the Bug Bounty, an activity that if done well leads to the great growth of skills regarding web security.
I, therefore, thank all the guys who have followed and welcomed me for these two weeks and in particular Paolo Lezzi for giving me this opportunity.