Jose Campo
@JAC_DBA
Followers
7
Following
89
Media
13
Statuses
151
Most pentest courses mention SQL Server, but skip over the basics. They don't teach basic permissions or how Logins and DB users work together. Let me explain MSSQL permissions using a house analogy. š Read it here: . #MSSQL #PEN200 #PEN300 #OSCP.
duckwrites.medium.com
I have not seen a single pentest course that explains basic MSSQL permissions in a simple way. Not even HTB Academyāāāand that is one ofā¦
0
0
0
What a Simple HTTP Request Can RevealĀ šš». You donāt always need brute-force tools or scanners to learn about your target. š Learn how:. #OSWA #WebPentesting #AppSecurity #curl #CBBH.
duckwrites.medium.com
Enumeration is always the first step in any pentestāāāand that includes web applications. Even a basic HTTP request can uncover valuableā¦
0
0
0
Simple steps to enumerate #AWS #S3 #Buckets and check if youāre unintentionally exposing sensitive info :.
duckwrites.medium.com
Pentesting is rapidly shifting toward the cloud. And with AWS being one of the biggest players, itās crucial to understand how to secureā¦
0
0
0
Stolen passwords can be reset. But what about stolen #biometrics?. Let me share a storyāmy storyāabout something that happened nearly 20 years ago while I was boarding a plane back to #Colombia. š Read the full story:
duckwrites.medium.com
Today, Iām still writing about cybersecurity, but this oneās personal, less technical. A true story though. Something that recentlyā¦
0
0
0
Donāt throw a lot of vCPUs to your OSCP VM. It doesnāt need more than 2 vCPUs . 4 at max . Too many vCPUs will actually make your laptop slower and can cause you issues during your exam :. #PEN200 #vmware #overAllocation #oscp #hashcat #VMperformance.
duckwrites.medium.com
I ran a simple but eye-opening experiment. I took a common Kerberos TGS hash, used the popular rockyou.txt wordlist, and cracked it using Hashcat with 2, 4, 6, and 8 CPU cores ā all inside a Kaliā¦
0
0
0
Getting Stuck on HTB or OffSec PG Boxes? Progress Starts When You Let The Ego Go:.
duckwrites.medium.com
If youāve ever done HTB or OffSecās Proving Grounds boxes, youāve probably been stuck before. You scan the box, try all your tools, go over the results again and again but nothing works. Even thenā¦
0
0
0
#OSCP tip:. Try this 1st when obtaining a reverse shell from embedded Linux distros or containers:. #reverseShell #Pentesting #busybox #netcat #nc #PEN200 #Linux.
duckwrites.medium.com
As an OSCP aspirant, weāre always on the lookout for quick and efficient ways to obtain a reverse shell during penetration tests. Oneā¦
0
0
0
OSCP quick tip:. For the OSCP exam Worry less about network lag and more about MTU issues. Latency: .adds delayāthings still function. Bad MTU: .Oversized packets (common with VPN/tunnels) get dropped ā no reverse shell.
duckwrites.medium.com
Rerverse Shell ā AI generated
0
0
0
RT @GFritchey: HEY!!!!. Guess what's finally available on Amazon If you REALLY want a print copy of my book on execution plans, you can getā¦.
0
7
0
RT @kleegeek: I'm proud to announce a new ebook with @jdgreen - Gorilla Guide to #Storage Strategies for #sqlserver.
0
6
0
Short but great blog about NUMA nodes.
Blogged: How many NUMA nodes should I have if I have lots of RAM and just a few cores? #blogged #en #sqlserver.
0
0
0
I am very excited! Oracle guys, now there will be no excuse, lol .
0
0
0
RT @DBArgenis: Best answer I've seen to the question "Why SQL Server on Linux?": "Because Ballmer has left the building".
0
4
0