Capture the Flag events come in a variety of different shapes and sizes. It’s difficult to place what a CTF is in a single box, but essentially it’s a competition to gain points by solving puzzles and challenges. These puzzles and challenges can vary in time and difficulty to complete, and once completed the player […]
Cypher is a Hack The Box machine that simulates a custom graph-basedweb application called GraphASM, backed by a Neo4j database and servedby a FastAPI backend running in a Docker container. The core vulnerabilitylies in a custom Neo4j procedure that enables remote code execution viacommand injection. Discovery To begin, I’ll do a TCP scan of the […]
Most organizations believe their biggest identity risk walks in the door every morning. They’re wrong. Behind the scenes, a vastly larger—and far less controlled—population of non-human identities (NHIs) is quietly powering modern enterprises. Service accounts, API keys, OAuth tokens, certificates, and AI agents now outnumber human users 144 to 1, growing at an alarming 44% […]
If you missed Thursday’s Simply Cyber Firesides episode on December 11, now’s the perfect time to tune in. HighPoint’s very own Sean Kilbourn joined the conversation for an insightful deep dive into building a successful, multidiscipline career in cybersecurity — and the episode is packed with takeaways for professionals at every stage. During the discussion, […]