Today, I decided to practice one CTF per day. I chose forensics from the easy level as I am a beginner.
SHA-256 is a hash function used to convert for example a given plaintext into an unreadable form. It is widely used for password hashing. For example:
Password: “my_secure_password”
Hash: 2bb80d537b1da3e38bd30361aa855686bde0ba6f8a7e0e4b4b5d8a6e1d9d6b8a
Hashing is a one-way function, meaning we cannot retrieve the original data from the hashed value.
Checksums can be used to verify the integrity of data. If the data changes, even slightly, the checksum will be completely different, indicating that the data has been altered. This is how it works:
Checksums are generated from data using a cryptographic algorithm, in this case, a SHA hash function. The checksum of the original data is compared with the checksum of the received data. If they match, the data is considered valid.
We can use the command sha256sum 'filename' to get the checksum of a given file.
I used a shell script .
SHA-256 is a hash function used to convert for example a given plaintext into an unreadable form. It is widely used for password hashing. For example:
Password: “my_secure_password”
Hash: 2bb80d537b1da3e38bd30361aa855686bde0ba6f8a7e0e4b4b5d8a6e1d9d6b8a
Hashing is a one-way function, meaning we cannot retrieve the original data from the hashed value.
Checksums can be used to verify the integrity of data. If the data changes, even slightly, the checksum will be completely different, indicating that the data has been altered. This is how it works:
Checksums are generated from data using a cryptographic algorithm, in this case, a SHA hash function. The checksum of the original data is compared with the checksum of the received data. If they match, the data is considered valid.
We can use the command sha256sum 'filename' to get the checksum of a given file.
I used a shell script .
🔥2
Samri’s Log
Today, I decided to practice one CTF per day. I chose forensics from the easy level as I am a beginner. SHA-256 is a hash function used to convert for example a given plaintext into an unreadable form. It is widely used for password hashing. For example:…
I will post about the algorithm after I fully understand it
Let walkthrough this ctf
Polyglot files are files that can mask another file type. For example, when you download a file, for instance a PDF from the internet, it might contain a hidden program. When you open it, the hidden program can run, executing malware or a virus. This is why it is bad to download files from untrusted sources.
To see the list of all embedded file types, you can use the Linux command:
binwalk <filename>
binwalk is a built-in tool used to scan files and identify embedded file types.
In this CTF, I used the foremost tool, which is typically used to recover deleted files, but in this case, it can be used to extract masked files in a polyglot. To use foremost, you need to install it first:
sudo apt install foremost
then run foremost <filename of polyglot>
Polyglot files are files that can mask another file type. For example, when you download a file, for instance a PDF from the internet, it might contain a hidden program. When you open it, the hidden program can run, executing malware or a virus. This is why it is bad to download files from untrusted sources.
To see the list of all embedded file types, you can use the Linux command:
binwalk <filename>
binwalk is a built-in tool used to scan files and identify embedded file types.
In this CTF, I used the foremost tool, which is typically used to recover deleted files, but in this case, it can be used to extract masked files in a polyglot. To use foremost, you need to install it first:
sudo apt install foremost
then run foremost <filename of polyglot>
👍2
Here is the list of platforms that offer challenges with the CTF style
CyberTalents
PicoCTF
Portswigger (web challenges)
Rootme (web challenges)
Cryptohack (cryptography challenges)
Cyberdefenders (digital forensics)
TryHackMe
HacktheBox
You can find public CTF competitions at ctftime.org
CyberTalents
PicoCTF
Portswigger (web challenges)
Rootme (web challenges)
Cryptohack (cryptography challenges)
Cyberdefenders (digital forensics)
TryHackMe
HacktheBox
You can find public CTF competitions at ctftime.org
Jobs in Web Security
Application Penetration Tester
Bug Bounty Hunter
Application Security Administrator
Source Code Auditor
Mobile Security Engineer
Application Penetration Tester
Bug Bounty Hunter
Application Security Administrator
Source Code Auditor
Mobile Security Engineer
Today I was reading ML research paper. This is the result table . Let me explain you each evaluation metrics
The first four are basic evaluation metrics for a classification model. The model is considered to perform well
if it correctly identifies the False value (True Positive, TP) and True value (True Negatives, TN). However, if the model incorrectly identifies an False value as True (False Negative,
FN) or a True value as False (False Positive,
FP)
Performance metrics
Precision: measures the proportion of correctly classified false data points out of all the data points predicted to be false.
Recall (also known as sensitivity) : measures the proportion of correctly classified false data points out of all the actual false data points.
precision is helpful when looking for false negative. We can see we have low precision which means the model is predicting true values as false value ( high false negative )
Recall express true negative ....
The first four are basic evaluation metrics for a classification model. The model is considered to perform well
if it correctly identifies the False value (True Positive, TP) and True value (True Negatives, TN). However, if the model incorrectly identifies an False value as True (False Negative,
FN) or a True value as False (False Positive,
FP)
Performance metrics
Precision: measures the proportion of correctly classified false data points out of all the data points predicted to be false.
Recall (also known as sensitivity) : measures the proportion of correctly classified false data points out of all the actual false data points.
precision is helpful when looking for false negative. We can see we have low precision which means the model is predicting true values as false value ( high false negative )
Recall express true negative ....
Samri’s Log
Today I was reading ML research paper. This is the result table . Let me explain you each evaluation metrics The first four are basic evaluation metrics for a classification model. The model is considered to perform well if it correctly identifies the False…
F1-Score provide a balanced measure between precision and recall.
True Negative Rate (TNR) - is TN/TN + FP
True Positive Rate (TPR) - is TP/TP + FN
True Negative Rate (TNR) - is TN/TN + FP
True Positive Rate (TPR) - is TP/TP + FN
Lately I was in to cyber security when I create this channel but now I will be posting on ML/AI continuously.
Samri’s Log
Have you taken this test https://personalitytests.com/riasec/
If you ask me why I named my channel 'investigator ' here is why ... Good Night 🚶♀️➡️
😁3
Forwarded from Opportunity Alerts📢
#Opportunity_Alerts📣
🌍 CALLING ALL TECHIES, ACTIVISTS & CHANGE-MAKERS ACROSS AFRICA!
💥The Sub-Saharan Africa Digital Democracy Virtual Hackathon is your chance to be part of a movement building digital tools that protect rights, amplify voices, and empower communities. This exciting regional hackathon is part of the global Digital Democracy Initiative, bringing together the brightest minds across Africa to imagine and create tech for social impact.
Build solutions that:
🔸Strengthen governance & civic participation
🔸Protect activists and digital rights
🔸Combat disinformation, surveillance, and censorship
🔸Empower marginalized voices & communities
🗓9–10 May 2025 | Virtual
🎯Ages 18–35 | Teams must include at least one female member
💰5 winning teams will receive a US$ 7,500 grant to implement their idea.🏆
🔗Apply: https://hackathon.magambanetwork.com
📝Deadline: 30 April, 2025
"If this isn't for you, please share it with others who might be interested."🙏
Follow us👇for more opportunities
@opportunity_alerts
🌍 CALLING ALL TECHIES, ACTIVISTS & CHANGE-MAKERS ACROSS AFRICA!
💥The Sub-Saharan Africa Digital Democracy Virtual Hackathon is your chance to be part of a movement building digital tools that protect rights, amplify voices, and empower communities. This exciting regional hackathon is part of the global Digital Democracy Initiative, bringing together the brightest minds across Africa to imagine and create tech for social impact.
Build solutions that:
🔸Strengthen governance & civic participation
🔸Protect activists and digital rights
🔸Combat disinformation, surveillance, and censorship
🔸Empower marginalized voices & communities
🗓9–10 May 2025 | Virtual
🎯Ages 18–35 | Teams must include at least one female member
💰5 winning teams will receive a US$ 7,500 grant to implement their idea.🏆
🔗Apply: https://hackathon.magambanetwork.com
📝Deadline: 30 April, 2025
Follow us👇for more opportunities
@opportunity_alerts
👍1
Samri’s Log
I lost my strike yesterday 😭 ... FYI it is in kaggle
I spent my morning learning data science, then attended class. After that, I had basketball training and returned home feeling very tired at 8 PM. Despite not being in charge of designing our hackathon website, I spent sometime with the design. Eventually, I went to sleep since I needed to travel to my town today. In all the hustle, I forgot to edit my notebook or do anything on Kaggle. My 17 days consistency is gone 😕.
😭2