Dinosaur Helpdesk System
Welcome to NoShitSecurity, a place for you to find your foothold in the cybersecurity industry.
Our challenges feature everything from simple cipher suites and steganography to advanced binary exploitation and shellcode– not to mention black boxes built on cutting-edge cloud architecture to help you practice like a pro. Our course and challenge architects are incredibly capable, and always ready to help you learn.
Everything you will need to complete our current challenges is listed below
Click here to open a tab to the CyberChef suite of tools; pin this tab
Click here for our essential terminal resources (Special thanks to Nate Landau)
Click here to snag a copy of Karkinos; use this like CyberChef
Click here for the Photopea image processor (like Photoshop)
Click here for Rick DeJager’s Stegseek, the world’s fastest steghide cracker
Click here for Pedro Augusta’s PNG steganography online tool
Click here for Chiragh Arora’s article covering EXIFtool features and usage
Click here for Dheeraj Gupta’s article covering Steghide features and usage
Click here for Vivek Gite’s comprehensive guide to the Unix “dig” utility
Click here for information about PGP and cryptography in general
Click here for information about the Wireshark protocol analyzer
Click here for information about Binwalk from ReFirm Labs
Click here for information about Nmap from Gordon Lyon
Click here for FinalRecon – The last recon tool you’ll need
Glossary of techniques and concepts used in our challenges
Obfuscation is a method of encoding things; usually very easy to reverse (ROT13, ROT47, Base64)
Symbol replacement encryption means that the symbols require a cipher or key to understand
The Vigenère Cipher was considered the greatest advancement in cryptography in over 1000 years
The process of encrypting and decrypting messages involves keys; it works forwards and backwards
Techniques for designing and implementing algorithm designs are called algorithm design patterns
In symmetric-key cryptography, a single key is used to encrypt or decrypt a body of data
In public-key cryptography, one key decrypts or verifies what the other key encrypts or signs
Steganography is the practice of concealing a message within another message or a physical object
Challenge Authentication Protocol (CHAP) requires you to encode a string with a known secret
CHAP can be used alongside public-key infrastructure to securely create an encrypted TLS tunnel
Triple DES with three independent keys is still in use today by the electronic payment industry
The One-Time Pad is a version of old military technology (1882) that is still in use today
A Vernam cipher whose key is as long as the message becomes a one-time pad, a theoretically
unbreakable cipher
Digital forensics is a branch of forensic science encompassing the recovery and investigation
of material found in digital content or devices
Open-source intelligence (OSINT) is a multi-factor (qualitative, quantitative) methodology for
collecting, analyzing and making decisions about data accessible in publicly available sources
to be used in an intelligence context
Check back for more information as it becomes available
If you are having trouble with your physical key, please contact support@noshitsecurity.com