https://www.policytopackets.com/tags/easy/ Recent content in Easy on Policy to Packets Hugo -- gohugo.io en reedveggleston@gmail.com (Reed Eggleston) reedveggleston@gmail.com (Reed Eggleston) © 2026 Reed Eggleston Mon, 09 Mar 2026 18:29:00 +0000 https://www.policytopackets.com/writeups/hackthebox/machines/expressway/ Mon, 09 Mar 2026 18:29:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/hackthebox/machines/expressway/ Easy Linux Box. Exploiting IKE Aggressive Mode to capture and crack a VPN PSK hash, then abusing a sudo CVE for root. https://www.policytopackets.com/writeups/letsdefend/challenges/disclose_the_agent/ Mon, 23 Feb 2026 15:48:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/disclose_the_agent/ Analyzing an SMTP PCAP to identify leaked credentials, decode Base64 authentication data, extract and reconstruct an email attachment from network traffic, and verify file integrity through hashing. https://www.policytopackets.com/writeups/letsdefend/challenges/investigate_web_attack/ Mon, 23 Feb 2026 12:14:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/investigate_web_attack/ Analyzing raw Apache access logs with Bash tools to identify reconnaissance with Nikto, forced browsing, successful login brute force activity, and command injection leading to account creation on the target system. https://www.policytopackets.com/writeups/letsdefend/challenges/http_basic_auth./ Mon, 23 Feb 2026 11:41:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/http_basic_auth./ Analyzing a PCAP file to identify HTTP GET requests, enumerate server and client details from HTTP headers, and decode Basic Authentication credentials using Wireshark and CyberChef. https://www.policytopackets.com/writeups/letsdefend/challenges/shellshock_attack/ Sat, 14 Feb 2026 22:48:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/shellshock_attack/ Analyzing Shellshock attack activity in a PCAP file using Wireshark, identifying the target server details and the injected command. https://www.policytopackets.com/writeups/letsdefend/challenges/port_scan_activity/ Sat, 14 Feb 2026 22:10:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/port_scan_activity/ Analyzing port scan activity in a PCAP file using Wireshark, identifying the scanning host, discovered systems, and network indicators. https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_doc/ Sat, 14 Feb 2026 00:15:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_doc/ Analyzing a malicious Word document using VirusTotal to identify RTF exploit behavior, CVE-2017-11882 abuse, payload delivery, and network communication. https://www.policytopackets.com/writeups/letsdefend/challenges/remote_working/ Fri, 13 Feb 2026 23:08:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/remote_working/ Analyzing a malicious XLS file using VirusTotal to identify detection signatures, dropped files, spyware download URLs, and file intelligence indicators. https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_vba/ Fri, 13 Feb 2026 16:41:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_vba/ Analyzing a malicious VBA macro document, decoding obfuscated hex strings, identifying payload delivery, and investigating HTTP communication and WMI execution techniques. https://www.policytopackets.com/writeups/hackthebox/challenges/slippy/ Thu, 12 Feb 2026 21:20:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/hackthebox/challenges/slippy/ Demonstrating Zip Slip exploitation, Jinja2 SSTI abuse, and Flask-based web application compromise within a Docker environment.