Offensive Coding
I maintain a GitHub repository called “Offensive Coding” where I have various coding projects I’ve worked on. These projects include tools for Windows and Linux, shellcoding, Python scripting, and much more.
You can find the repository here: github.com/rach1tarora/offensive-coding.
RSA 2024 CTF with Cloud Village - BotSilverQuest - Azure CTF
I created a CTF challenge where participants had to find a flag in a zip backup file stored in Azure Blob Storage. Although the zip file had been deleted, the storage had versioning enabled and the file could be recovered.
This challenge highlighted how blob versioning can lead to sensitive data leakage through previous versions of the blob.
You can verify my contributions here: https://rsa2024.cloud-village.org/.
Sentinel Heatmap (RDP Bruteforce)
During college, I created a project on Azure that monitors and records all attempted RDP (Remote Desktop Protocol) bruteforce attacks, and then presents this data as a heatmap for easy visualization.
More information and the report: here.
Tempus CTF
Created a CTF for NSS, which involved Forensic Analysis, Cryptography, and Privilege Escalation (Docker Container Breakout).
More information about the challenge and the badge: here.
A blog analyzing the observations drawn from individuals attempting to compromise the VM has been published: here.
Active Directory Homelab
Gained hands-on experience and established a strong foundation by setting up an Active Directory Homelab.
Learnt about Enumeration, Lateral Movement, Domain Privesc, and Persistence.
Practiced attacks like Kerberoasting, AS-REP Roasting, and DCSync, and utilized tools like BloodHound, SharpHound, PowerView, and ADModule.
Fixed the vulnerabilities to explore the defensive aspect of the process.