Blocking EVERYTHING with Windows Firewall
Key Takeaways
This video demonstrates how to use Windows Firewall to block outbound connections from programs, utilizing tools like Lolass resource, PowerShell, and Golang to automate the process and improve concurrency. It also explores the use of Requestbin.net to test URL blocking and verifies system functionality after disabling internet access for binaries.
Full Transcript
The local Windows firewall is pretty good and I don't think it gets enough love. I think it's honestly slept on and no one really uses it to its full potential because it is like the single source of truth or at least a source of truth on one computer, one device, one endpoint where you can control what goes in and out. So you're not relying on some broad networkwide maybe firewall at the gateway, but you've got something between each individual machine. And if you have that managed across a fleet of devices, then you can really lock down what could end up being lateral movement when thread actors, hackers, or malware try to move throughout your environment. So, in this video, I want to do a little bit of an experiment. I'm going to use the Windows local firewall and actually block outbound connections from a lot of the different programs that are often used as living off the land binaries. So natural native built-in programs on the Windows operating systems that can be used and abused by bad actors. Now before we dive in, let me add like a thousand disclaimers. Hey, this is kind of just for funsies. You may or may not actually want to do this because yeah, it's one hardening exercise to make your security posture a little bit tighter, sharper, stronger there. But some of the programs you may really want to maintain and keep internet capability. Outbound connection, you probably still want to allow that for like vital necessary maybe system services. So I think we could try it. See what happens if we block everything and then see if there are any oddballs or things we should exclude from the banhammer of living off the land binaries. So, if you aren't familiar, the Lolass or Living Off the Land Binaries, Scripts, and Libraries resource is phenomenal. It's this catalog and archive of all of the possible potential programs that could be abused by thread actors to do different things like maybe upload or download or exfiltrate data out of your environment. And there are tons of these. Now, obviously, I'm scrolling past maybe a couple that, well, are pretty clear that they could be leveraged, like simple cmd.exe, the command prompt, right? Maybe that, and like PowerShell.exe or others, we probably don't want to limit and lock down network connectivity. But for things that really should have no business doing things out of the environment, out of the local area network, we could lock it up. And we'll make this a little small programming or coding exercise for us because they offer some programmatic access to this resource with their API. We can go take a look at their API page. And you can see all the data could actually be accessed as either JSON, CSV or YAML. I think in our case, it'll probably be most easiest to work with with the JSON data dump. This contains every single lowbass entry in a single file using the same structure as the underlying YAML files that you could track down as part of the GitHub repository. But let's go take a look at what this thing looks like. And obviously there is a lot to it. But I want to try and look through kind of going backwards just as an example here. Something that might be able to download like bitsmin.exe. Now, this could be available in different paths, different binary locations on the file system. So, let's loop through all of these, determine the paths where they could be, test if they're present on our system, and then lock it down with the Windows firewall. Now, again, because this is for experiment sake, if you were to do this thing for real, your mileage may vary. Take it with a grain of salt. Let me add all the disclaimers whether or not you actually want to do this in production or not. But just for a playground, I'm going to create a snapshot for before lobbass. And that way we can kind of toggle in and out if we need to revert in case we accidentally break anything by, you know, disabling a lot of that network connectivity. But let's spin it up. And to make this kind of abstract and fun for us, what I'll do is actually pull down the GitHub repository info like from that API page. Now, that will require internet connectivity and I want to script this with PowerShell. So it's something easy we could slap in and out of copy paste whatever. But of course if you wanted to make this a little bit better or I don't know your definition of better obviously the code can be improved whatever we end up doing. Uh you could just determine or stage this all prior and then just loop through a bunch of like netshv firewall commands. But for our learning let's go ahead and build out a script. So I'm inside of the Windows PowerShell ISC or that integrated scripting environment. And actually, I want to open that as an administrator. So, I want to rightclick or control shift enter or click run as administrator. So, we have our UAC prompt because if we're going to be modifying the local Windows firewall, we need to have those admin privileges. This is something that you would want to do as a preemptive measure to harden and lock down your systems. So, there can't be as much lateral movement potential. Say a hacker compromised this machine. Well, now they can't pull down other payloads or maybe use some of those living off the land tools to do other damage. Anyway, let's make our script. We can just put this on the desktop for now. Let's just say lolbass firewall.ps1. Looking good. And first things first, let's define a lolbass URL. And let's grab that URL for the JSON object we want to pull down. That's on that page here, the API page for API lolbass.json. Let me copy that clean link. And now let's enter that paste it in here. Now let's say the lolbass data can actually equal the response for a command lit when we use invoke rest method on our lolbass URL. Now let me just try to return out our lolbass data. So we can see all of the data that it's already retrieved. Now we want to loop through it. And if we actually were to expand this out, we can see that all of the elements here, if we actually drill down into like the PowerShell object ultimately, we'll have the name and then all the other properties and fields there, including the full path that will include other sort of key value pairs for any of the paths that it might be present in on an endpoint. So let's try to loop through each element there. Let's use a for each if I can type let's say each entry in our lolbass data and I want to retrieve things out of the PS object here. Yeah. So then we can get the properties and we can go extract the actual value that should be present there. Will that work? Can I just simply echo entry just as a sanity check or like write host if you're a PowerShell purist, right? F5 on that. Okay. Yeah, it spits it all out just fine. Now we have each of the entries and we want to loop through every single one of the entries full path value, right? Realistically we should check if that value exists first. So let's just do if that has a data like set in that property. Uh and we could also extract out the name just as well. Let's get name to be our entry.name. And let's again sanity check. Will that display just fine? Okay, cool. Now we can see all of the files just given their name spat out to us here. So we're looping just fine. And now we can actually do that real loop through for each of them. Let's just say path in that entry full path in which case remember that is just another like hashmap or associative array. So we'll need to extract out the path.path from there if that's not weird or confusing. whatsoever. Let's echo that all out. But now you can see, okay, we're getting the actual file system location as we should. Next, we'll need to check if that exists on the endpoint. And really, we're doing that just in case, hey, some other system doesn't have that installed or available in case it's not. Oh, a built-in where it's other things that could be between different Visual Studio installations or SDK, Windows kits, etc. And all of this really is for your own understanding of the endpoint. And if you're an analyst, like a security operation center analyst or doing some digital forensics instant response or you're just trying to harden like a system administrator, it's all good to know. And actually, if you're doing some of that security stuff, let me take a quick little segue to tell you about something really cool. Security alerts are noisy. Some are real threats and some are well not. And figuring out which is which, that eats up time, especially if you're new on the job. But check out Coach by Dropzone AI. It's a free Chrome extension that acts like a heads up display for your alerts right inside your browser. Just open an alert and Coach reads it, figures out what you're looking at, and explains what triggered it, what it was designed to detect, and how to dig deeper with expert level investigative steps. Whether you're a junior analyst trying to level up or a season pro looking to sharpen your game, Coach turns every alert into a learning opportunity without breaking your workflow. And here's the kicker. Zero data retention. Your investigation stays private always. I've got a chance to try it out and honestly, it feels like the kind of AI tool we should be seeing more of in security. It doesn't replace the human, it augments them. Check out Coach by Drop Zone AI and see how it can help you think like a seasoned analyst faster. Grab the extension completely for free with my link below in the video description. jh.live/dropzone-ai-coach. Huge thanks to drop zoneai for sponsoring this video. All right, now let's get back to our script. We're looping through it. And now that we've actually determined, we've got the variable, the value to reference, a potential path and location on the file system for each and every binary or anything in that lowbass project. We can test if that even exists. Let's do a simple if statement and let's use the command lit test path, which just should return whether or not that path exists. So if it does, then we can just echo and maybe we'll build out like a display name. How about that? display name can equal block lolbass given the name that we've already extracted above with the dollar sign prefix for our variable. If that's the case, let me again just sanity check. Let's display all this out and see how many we've got here. I'll hit F5 and okay, it's found a good many of them, but some not all. Probably because a couple have spaces. So, we'll want to try to wrap this in single quotes or double quotes really. Anything to make it a string. I think double quotes is probably the best PowerShell option here. Oh, that gave us nothing. Huh, that makes sense actually because it's kind of using that variable, but we still need to extract the property out of that. What is our error? Illegal characters in the path. The argument should be perfectly fine there. Do some of the paths just not like have uh the correct representation? Let me use a multi-line comment in PowerShell. Just the greater than and less than symbols and the hashtag pound symbol octoorp. Let me take a look at the path once again. F5 that. Are there a couple that just are weird? Oh yeah, they have placeholders here. Like you can see uh greater than less than symbols version and things. Dang. Okay, so we're using broad strokes right now, right? Obviously, we're trying to loop through all of these and just hit uh a ton of them. Maybe we should just ignore the ones that aren't valid. Yeah, this is like no default. That's not helpful. Can test path have like an error action. Silently continue. I think it could. So, we could just ignore anything else if it's bad news bears. Again, broad strokes, proof of concept, a little experiment. We're just kind of playing around the playground right now. Let me try to use that uh error action silently continue. And then I'm assuming it'll just ignore that block following it, right? How about this? Okay. Yeah, remove our quotes that I left those there and they were wrong. Uh, okay. No errors this time. You might have seen that. Just scroll through. Now we've got a lot of these. So now we have found and determined where on our file system the binary is. And we could just give this to the Windows firewall and say, look, don't allow any outbound connections. Now, I was alluding to at the very beginning, we could use like the old school netsh.exe binary and the adv firewall like command in the old school cmd.exe style, but since we're in a PowerShell script and we wanted to do this PowerShell like we could use some of the commandlets that are modern now, like Windows 8 and above really. So, you should have them. Getnet firewall rule is the one that I want. And let's just see if we even have an existing rule. We can define that to be able to say, oh, look, if we happen to have ran this script previously or if anything else is just kind of left over, let's validate and make sure we don't already have an existing rule based off of the display name that we've just defined above. So, let's use that display name variable. And let's add another error action silently continue. So we can be, you know, a little bit uh hardcore and just cruising through this. I doubt we're going to have any existing rules because obviously we have not ran this previously. So we should have no output here and we do not. And this is a little bit slow right now. We are cruising through all this. Going to take a little bit of time to run, but it's doing what we want. Oh, you know, this is like really slow. We're on line one. We're on line 6,32 because we've already outputed all this kind of previously. So there are probably a lot of these things that it's trying to rip through. Uh the thing is like we could use the dash parallel parameter for for each if we're in like PowerShell version 7. I think that's the uh cool hip new modern stuff, but I don't think I'm using PowerShell version 7. I can echo the version table. And yeah, I'm I'm just on five. Okay. Poor boy. We could use jobs to make it a little bit faster. I mean, this is just cutesy. I don't know experiment code. It really doesn't matter, but just for the sake of demo and for me having to sit through this thing. Or we could just yolo it and not check if the firewall rule exists beforehand, which obviously you would want to do. That's good practice. But we could yolo. And we could also obviously write this in something that's not PowerShell. Rip through it in Golang and it's just super concurrency. Get a compiled binary at least. Let me see like how slow that actually is. Let me just do an if not existing rule then give me some output so we can at least figure out our pace. I'm sorry. This is just me fumbling around now. Echo display name firewall rule does not yet exist. Go. It's slow as a crawl, dude. PowerShell was not the choice. All right, let's do jobs. I'm sorry. I want to make the stupid PowerShell code a little bit better. Let's have like a paths to block uh little little hashmap uh associative array there. Is that the right terminology lingo? I don't know. Uh so if it does not exist, then we should add to our paths to block where the path that we've determined can be set to the name of the binary. So then we've processed all this and at the very end of that loop, we'll now have a built out paths toblock list. Uh does that work? Okay. Well, that's going to be even that's going to be just as slow. Oh yeah, because we don't need to do the get firewall check. Uh in that case, we just need to determine we just need to determine that these are the ones that we want. So we don't even need to set the display name in that case. We are just going to end up building out that list. Yeah. Yeah. Right. Stupid PowerShell code. Any better? Stop the old one, please. And now run this. Much better. How many of these do we have? Let me uh measure object real quick just to see. We have Oh, thanks. Okay. Yeah. Paths to block. Don't need the echo on that one. How many we got? Can I just get like count? Is that the one? Okay. 275. Okay. I thought this was going to be an easy video and this stupid PowerShell is like, "Nope, too slow." So let's define now an array of jobs and that way we can do eventually like what will be start job uh to be able to work through all this right we can say like max concurrent jobs as a like limited there and let's just do like 25 I think we have 275 to rip through so that's not that bad I think so now we do a for each given the key value pair in our paths to block list. Oh, and that uh we want to enumerate. So, get enumerator on that one. Yeah. And then just to just to see, right? Oh, sorry. Forgot a uh parenthesis there. Spit it all out. Looking good. Let's check uh the number of jobs that we have running. So, uh get job. Get job, not that get jobs where the state is running. And we can check the count on that. If that's greater than or equal to our max concurrent jobs, then I want to chill out. Uh, sleep. That's the one. We can just sleep for a second and let it do its thing. Wait for it to catch up while it's going through the jobies. But otherwise, we want to get our path, which should be our key value path, our key value pair, sorry. getting the key and then the name will be the key value P value right yeah so now our display name can be actually what it should be blockbass given the name now we actually add to the jobs that we will run so jobs plus equals a start job given a script block where we can define the code that we want to run here this is where we'll do the firewall work and I think we need a parameter here given the name and path actually uh display name is probably what we'll end up passing through to that. Now we can do the firewall work, right? Let's check if it exists where we can get net firewall rule based off the display name that we will pass in. Let's add our same error action silently continue there to ignore the haters. So if that does not exist, we will then add with a new net firewall rule. And we can try to make this a little bit readable. Like let's do our display name. Given the display name, we'll need to specify the direction. Oh, we need a uh back tick to escape our new line character here. If we are trying to extend that to multiple lines, outbound should be the direction that we're going to be worried about for the connectivity there. Of course, we want to block that as our action. We'll set the program. So, the full path, right? The path of the binary that we are going to try and limits, restrain, restrict. does not matter what profile of the uh firewall that we're going to be hitting here. And then actually enabled enabled enabled true then we can simply do a little write host and say hey we did it. But otherwise we can add an else statement here. If it does already exist maybe we just uh say that it already exists. Now because this is all part of our script block that's defined uh the end of this correct. So we'll add in our argument list and that should be the display name and the path that we are working with. Those are the parameters that we pass in here. Good. Now finally at the end of all this we've built out all this plumbing. Let's say now waiting for all jobs to run. And that syntax will now be jobs piped to wait job. And then we don't need any of the output there. So let's pipe that to outnull. And then to clean this all up, I think we need jobs pipe to receive job. Yeah. And then jobs uh remove job because that way we'll be all done with the things. I think this is better now. I hope. Let's try it out. I'll bring up the prompt here and I'll hit uh well th this is when we like do the thing though. So are we ready? I'm gonna I'm gonna try and save this outside of the virtual machine just so I have a copy in case we need to go back in and out of our VM and like revert snapshot. But I think we're looking good. I'm going to press F5 and we'll fire it up. What are you doing? What's happening right now? Why don't we have any output? Are we adding firewall rules? Can I just not see it in ISC? Let me open up Windows Firewall. It's slowing down. Virtual machines not having a fun time right now. All right, firewall. Let me see what you got. Outbound rules. That's kind of cool though, not going to lie. Okay, so bits admin, right, is a fine fair example. And you can see that has properly set the path because bits admin would just about always be used for downloading. And that's not enabled yet. Okay. No, no, they are. They're It's just wait. It's just trying to load. If I refresh, is there more of them? Yeah. Okay. It's cooking. We are blocking all of the things. SSH is now nuked. Nice. Sir util would be a big one. Like util is just about always the usual download alongside bits admin from the command line on Windows, right? But like think about MSHTA, think about Ccript. MSHA I think specifically because that way you'd oftentimes use like a network location to be able to run an entire like hypertext application file. So PowerShell's doing its thing. If I were to try and now download something with Bits Admin given the syntax from Lolbass, let me go back here and then Bits admin is a fine example because I think we can download pretty easily with that. Oh no, that syntax is gross. Never mind. Give me util or like uh wget.exe or like they have curl now, don't they? Windows has curl now. Is that not here? Fine. Util download should work fine. It wouldn't be able to retrieve anything from an external location. Is util now in our big long list? Yeah. Okay, cool. All the utils are. Let me say I were trying to download a payload that's like hosted on enrock or something stupid. We'll just get like a hook bin on the internet, I guess. All right. Requestbin.net. That should be fine. Yep. Give me a URL that I can pull down. Pretty please. Okay, cool. We got this thing. Now, obviously, if I were to open up in a new tab and make a request to this URL, it will be logged over here. And you can see that all coming through in the results. Let me clear those out. Now, let me get that syntax and try it on that domain. It should be blocked. So, I wouldn't be able to save like any output.ext or whatever that would have returned. But if I give it an actual URL to specify here, we'll paste in our specific domain. I'll hit enter here. Request is not supported. Oh, probably needs an HTTP schema. http slash. Command completed successfully, but it would not have been allowed via the firewall. Do we have a request? We do. Is my firewall on right now? It's on. Wait a second. We're not actually setting the correct path here. We're setting the literal PowerShell value. Our script is bad. That path is real bad. Look at all these like down below. Yeah, you probably saw it. You probably caught it. And I was completely oblivious. And now I made a fool of myself. That is why we made a snapshot. That's why we totally can roll back our VM, ladies and gentlemen, because it's done now. I can't believe that I needed the path. Path. Shoot. I never put the proper key in there. Okay, we're in a reroll. You know what? That's the fun of video. Snapshot. Revert back to before. Lolass. Okay, we're ready. This time we're doing it for realies. We got it on lock. Let me paste in from our host. Save that as our lolbass firewall. Now, let's run this thing with F5. Now, let's go take a look at our firewall rules. We can see they are slowly but surely coming to life. Yeah. Yeah. Okay, cool. I see one block coming through and the path is actually correct now. Phenomenal. Okay, cool. Now they're coming through. Now, let's do our search util test once again. We got a domain. Let's open up a command prompt. Let's paste in the URL as it should be for a given any output.ext. Let's copy in that actual URL. And when I use this and remember we need that HTTP schema. I'm learning. I'll enter here. There we go. Firewall says nuh-uh. When HTTP cannot connect. Now, here's the thing. Once this script is like fully complete and we have literally like disabled all of the capability from any of the given built-in binaries that it's tracking down, will our machine still boot and like run as it should? That's my question because remember my skepticism that that my concern was uh are we actually going to unintentionally clobber anything that just kind of needs internet access for the way that Windows will do what it does and like in a production environment I don't know what this would do with anything else that you've actually got going on. So this is all for exploration. I'm going to add again the biggest disclaimer that I possibly can with that. This is just kind of a fun educational extravaganza. But it's done. It has finished. So, let me try to reboot. [Music] Restart. Fingers crossed. Will Windows do what it needs to do? I might be totally like completely wrong. Uh, I can log in. Is Edge going to work? Because I know that was one of the binaries that's like, uh, go to google.com. But Brave's gonna work just fine, right? Yeah. Yeah. He's he's he's cooking. Brave is all fine. Can I like use PowerShell to like invoke web request example.com or something? I mean, yeah. Okay, that's not going to be locked. There was no PowerShell.exe because it's the core DL like internals to Windows. You can't really turn that thing off easily. But like if we were to go back to any of the others here in the Lolass uh catalog, anything that has like a download capability, app installer, bits admin, search util, of course, cmd.exe can do it really easy. Oh, you could just use type nice expand find string FTP would no longer behave. So you need to like and even probably defender things, stuff for again the functional usage of your computer, the things that you might still want to have uh an exclusion for or at least uh avoid through this loop, but fun experiment I think. Now again obviously we were uh working with broad strokes uh and this may or may not do all the things that we would kind of like but at least the small example with cert util was enough to kind of I hope drive the point home. If anything this was just a silly little excuse for me to uh crap out bad PowerShell code and then get everything wrong in a video. So fun. What about SSH? Would that one work? SSH terminal.shop. Shout out fellas. Yeah, we can't get any coffee anymore, huh? All right, that's it. That's the end of the video. Thanks so much for sticking with me for some bad PowerShell code, but hopefully still playing with the local Windows firewall. Don't sleep on it. Honestly, I think you look when you use it to what you could do with it for hardening, for security. Uh there is still opportunity there. Limit your attack surface. And I really mean limit your internal attack surface. Because we are in the world of assume compromise, assume breach, not a matter of if, it's a matter of when, and all the security thought leader, you know, fluff and buzzwords, blah blah blah. Hey, please do give some love to our sponsors. I'm really stoked for uh Drop Zone to be part of the family here. Drop zone. Big love to those folks. And uh thank you so much for watching this video. Please do all those YouTube algorithm things. Like, comment, subscribe, and I'll see you in the next video.
Original Description
https://jh.live/dropzone-ai-coach || Try COACH from Dropzone AI and get a free AI-powered security alert mentor for SOC analysts! https://jh.live/dropzone-ai-coach
Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I'm up to with: https://jh.live/newsletter
🏆Attend ContinuumCon, the practical online cybersecurity conference that never ends! Livestream begins June 20th, 2025: https://jh.live/continuumcon
ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense
Master Binary Files and Protocols with Gynvael Coldwind: https://jh.live/hackarcana (code MBF-JH-10 gives 10% off!)
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
More on: AI Security
View skill →Related AI Lessons
⚡
⚡
⚡
⚡
eCPPTv3 Review
Medium · Cybersecurity
Next-Gen Endpoint Protection Software: Securing Remote Employees Against Modern Cyber Threats
Medium · Cybersecurity
Understanding NAT (Network Address Translation): How Multiple Devices Share a Single Public IP…
Medium · Cybersecurity
Why the EC-Council 312-41 Practice Test Is Essential for Certification Success
Dev.to AI
🎓
Tutor Explanation
DeepCamp AI