WSR: #14: March 21th - 27th 2022

NCL CTF, American Fuzzy LOP, Honeypots

Published: March 27, 2022

| Reading Time: 2 minutes

This Week’s Recap


  • Joined the GIAC Advisory board after getting gold on GCIH.


  • The talk schedule for WWHF came out. If you’re wondering what I’ll be speaking about you can find it here. Super excited about this.


  • Signed up for NCL
    • The first capture the flag I ever attended was the NCL CTF through UNGs security club. I saw that it was about time for this CTF to start up again and joined through SANS. This is the first CTF I did that made me fall in love with Unix filtering commands grep, awk, sed, cut, sort, uniq, etc so I’m excited to return to where I first started.
  • Watched @hackingdave on Caleb McMurtrey’s podcast. I would link to it but it seems like the video is private now for some reason


  • Saw some tweets about American Fuzzy Lop and fell down a fuzzing rabbit holeno pun intended.
    • Very interesting reading about fuzzers/fuzzing
  • About two hours later got AFL up and running on a intentional vulnerable application called Fuzzgoat


  • Picked up Attacking Network Protocols.
  • Came up with an idea for creating an SSH honeypot on port 22 and some random port (37819). The standard port would have the credentials of root:password and the high number port would have no password required. Then we see which one gets popped first.
  • Asked what people thought and the results were interesting.


  • Took some time to research what software I was going to use for my honey pot. Ended up going with Cowrie
  • Results so far have been interesting…
  • I will be doing a full write up of my findings but here are some of the commands that have been executed… GCIH did NOT prepare me for these IOCs…


  • Making another SSH honeypot on a random high port number with no password to see how long it takes for it to get popped.
  • Published this blog

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)