writeups
hackthebox
| writeups | hackthebox | |
|---|---|---|
| 8 | - | |
| 122 | 325 | |
| 3.3% | - | |
| 6.8 | 0.0 | |
| 25 days ago | over 1 year ago | |
| Python | Python | |
| - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
writeups
- Question about ECDSA
-
Reduced Round AES CTR Attacks
See: https://github.com/p4-team/ctf/tree/master/2016-03-12-0ctf/peoples_square and also https://github.com/TFNS/writeups/tree/master/2020-06-05-DefenitCTF/spn (this one is not AES but some toy SPN, but the idea is exactly the same and maybe easier to understand)
-
Supersingular Isogeny Key Exchange in Python
Not exactly purely in Python because with sage and also the goal was breaking SIDH, but: https://github.com/TFNS/writeups/tree/master/2020-04-17-PlaidCTF/sidhe
-
What are some real-world security issues in cryptography?
I'm not even mentioning big stuff like https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/ which interestingly enough is actually a vulnerability very similar to what exists in Java since the dawn of time -> https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/sun/security/provider/DSA.java#L358 (see: https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition )
-
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries
The same issue exists in Java JDK for quite a while (see: https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition ) ;) I suspect there are many more libraries with similar problem.
Seems like the same problem as exists in Java JDK in DSA -> https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition
-
How did this person manage to extract all the RSA prime numbers in this writeup?
Check my writeup https://github.com/TFNS/writeups/tree/master/2021-10-23-ASIS-quals/madras if you need to understand where this come from.
-
Using compromised algorithms.
See an example: https://github.com/TFNS/writeups/tree/master/2021-03-13-UTCTF/sleeves
hackthebox
We haven't tracked posts mentioning hackthebox yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
tweetable-polyglot-png - Pack up to 3MB of data into a tweetable PNG polyglot file.
hackerone-reports - Top disclosed reports from HackerOne
squarectf - The "code" for squarectf.com
SecGen - Create randomly insecure VMs
svachal - Automate writeup for vulnerable machines.
pentest-everything - This is my penetration testing cheatsheet
cryptofuzz - Fuzzing cryptographic libraries. Magic bug printer go brrrr.
seed-labs - SEED Labs developed in the last 20 years.
HiddenWave - Hide Your Secret Message in any Wave Audio File.
netlab - Making virtual networking labs suck less
hackingtool - ALL IN ONE Hacking Tool For Hackers
starred - creating your own Awesome List by GitHub stars!