Hacker, Enthusiast, etc…
Last fall, I’d started to receive marketing emails from Pentester Academy about a few different bootcamps that were starting at a really heavily discounted rate. I get these kinds of offers all of the time but the fact that these courses were focused on Windows infrastructure from an offensive perspective really stuck out to me. ... Continue Reading →
[Background Info] So, if you've been paying attention, one of my main life goals is my Offensive Security Certified Professional (OSCP) certification from OffSec. This is a grueling test that lasts for a solid 24 hours, in which you have to reach root/system privilege on 4 different victim machines and develop and perform a buffer... Continue Reading →
Basic Enumeration First, we're going to gather some initial recon like listening services, operating system etc.. This thing has a SLEW of listening ports so let's jump right in and start at the top! Whenever we have web services, I always make it a point to check that first. It sort of helps me make... Continue Reading →
Hey everyone, Just wanted to drop a note about BSides and say thank you to all of the sponsors and MiSec for putting on this great, one day workshop. Everything from an excellent keynote by my friend Matt Johnson of PoshSec fame, to an excellent jeopardy style CTF hosted by CTF313, complete with ducks...lots of... Continue Reading →
System Information IP Address: 10.10.10.84 Operating System: FreeBSD 11.1 Current Status: Retired Enumeration Beginning with a port scan, we are presented with TCP/80 (HTTP) and TCP/22 (SSH). My first idea was to attempt to list the php scripts shown on the page for any sort of juicy information left unattended. ini.php - Basic... Continue Reading →
Well, I finally made it. Being in the Detroit area for the whole of my information security career, GrrCon has always been a must attend event but every year when this gathering comes back around, something always seemed to get in my way. No more! Day 1 The experience started on Thursday morning with a... Continue Reading →
Hey everyone! I've decided to start publishing various tutorials as I have time so I thought I would start in the same place that I started years ago when I first found my interest in information security. Before we jump in, I have the same material in a video if anyone prefers that. Cracking Password... Continue Reading →
August 14, 2016 Back in July, I had the privilege of participating in my first SANS course and I would like to share some of that experience and my journey to certification which is a direct result. As I prepared for SEC504, I have to admit that I wasn’t sure what to expect. Anyone worth... Continue Reading →
I recently ran into an issue where I needed to export the contents of my Intermediate Root Certificate Authority store and because this is such a manually effort with over 100 certificates, I turned to Powershell and found a very easy method of doing so and thought I would share. First, we are going to... Continue Reading →
So, Right before the holiday, I get wind of the SANS Institute Christmas hacking competition. This was no small feat but through collaboration with some of my @MIsec, @SecureKomodo (Check him out at http://securekomodo.com), and other folks, we were able to hack 'till our hearts content. Below, you will find my officially submitted write-up for... Continue Reading →
@n3tl0kr 