https://shushizinho.github.io/A blog about my CyberSecurity journey. 2025-09-23T15:39:06+00:00 Ana Silva https://shushizinho.github.io/ Jekyll © 2025 Ana Silva /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png 2025-09-23T00:00:00+00:00 2025-09-23T15:38:28+00:00 https://shushizinho.github.io/posts/TopScretCTF/ Ana Silva

Introduction In this post, I’ll walk you through solving a fun cryptography CTF challenge I tackled recently in the Dreamhack plataform. It’s a clever combo of RSA encryption and a Vigenère cipher. The key insight? Not everything is as secure as it seems—especially when secrets are tiny. In this challenge we get a public RSA key (N and e=5) and two ciphertexts: enc1 (Vigenère-encrypted FLAG)...

2025-08-01T00:00:00+00:00 2025-08-01T00:00:00+00:00 https://shushizinho.github.io/posts/SecurityAwareness/ Ana Silva

Introduction This post covers the TryHackMe room “Security Awareness”, which focuses on understanding the human element in cybersecurity and developing better cyber hygiene practices. The room emphasizes that security awareness is not just an IT concern but a responsibility that extends to every individual within an organization. Task 1: Introduction to Security Awareness What is Security Awa...

2025-07-30T00:00:00+00:00 2025-07-30T00:00:00+00:00 https://shushizinho.github.io/posts/InsecureDeserialisation/ Ana Silva

Introduction This post provides a detailed walkthrough of the TryHackMe room “Insecure Deserialisation,” which explores one of the most critical yet underestimated web application vulnerabilities. Insecure deserialisation was ranked as A8 in the OWASP Top 10 2017 and can lead to remote code execution, denial-of-service attacks, and other severe security impacts. Throughout this room, I learne...

2025-07-29T00:00:00+00:00 2025-07-29T00:00:00+00:00 https://shushizinho.github.io/posts/Roundcube/ Ana Silva

Introduction This post covers the TryHackMe room “Roundcube: CVE-2025-49113,” which explores what makes this vulnerability possible and demonstrates exploitation in a controlled lab environment. Roundcubeis a free and open-source webmail project that has gained widespread adoption due to its feature-rich interface and multilingual support, available in over eighty languages. Its functionality...

2025-07-28T00:00:00+00:00 2025-07-28T15:30:03+00:00 https://shushizinho.github.io/posts/AD-basic/ Ana Silva

Introduction This post covers the TryHackMe room “Active Directory Basics” which introduces fundamental concepts of Microsoft’s Active Directory service. Active Directory is a critical component in Windows enterprise environments, providing centralized authentication, authorization, and directory services. Task 2: Windows Domains In a Windows domain, credentials are stored in a centralised ...