Might consider giving some away, RT for an opportunity to win!
#BicCertified
designed these a year ago and they've been super popular!!! I've got 100 available a few already reserved.
When you're ready to start the path remember you need to be able to not only hack but also speak to customers in meetings, write reports and translate tech to business. There's a big disconnect between the actual security consultant side and the hacking sadly.
One of the longest posts I've done on my blog in a while, it's a long read but hopefully it helps someone more personal notes I've been keeping on
#nmap
flags and explaining things
#LTR101
You know that
#BloodHound
for Active Directory is a great tool, right? Well, our
@ZephrFish
has written an in-depth walkthrough on how to best use it for
#redteaming
. He’s nice like that.
Bob Ross on IT: We're just going to set ourselves up a nice little domain controller over here. Don't forget to deploy your roles and ACLs, no matter how big or small each one of them is unique and special just like you. Don't forget happy little outages and maintenance.
While I've started work on a second book, I've also decided to drop the minimum cost of my
#LTR101
book to free feel free to share with those who are looking at starting out in pentesting or bug hunting, I've been told it's a pretty good read! RT please
SSH blog is about 60% done, aiming to publish tomorrow. So far covering:
Enabling key based authentication and generating secure keys!
Enabling Multi Factor Authentication (MFA)
Enabling Rate-Limiting and Firewalling
Obscuring Your Setup
Login Notifications via Telegram & Slack
Genuinely who thought this was a good idea, locate your camera via the cloud with pin point accuracy. Feels like the car alarm research all over again 🙈
After many discussions with people looking to get into this sector I've decided that my book will remain free even after the new year! I also have plans to write a second potentially about tricks of the trade...
Couldn't sleep, so I rewrote a tool I wrote a while ago for google dorking, there are tonnes of tools out there that do it already, but I fancied a challenge. Check it out
#BugBounty
#Pentesting
#OSINT
Not written in a while had this in drafts for a few months(writing a bit each weekend) but finished it off today going to write up a few other parts, probably on some other Azure technologies as I continue my learning path.
#RedTeam
#BlueTeam
Not that anybody ever trusts PoCs that I put out anyways but I ported the ruby exploit code for the
#MOVEit
vulnerability to Python if anybody's interested
I went to my first fight club meeting last night, i showed up late so i missed the first few rules but it was awesome i love fight club cant wait for the next meeting
Incredibly excited to be joining
@Lares_
as their first hire this side of the Atlantic, looking forward to learning and enriching my knowledge. Starting on Monday 🎉
So today was my last day at
@PenTestPartners
, it's been a blast folks, really enjoyed the last three and a half years. Thanks to
@TheKenMunroShow
&
@tautology0
for offering me the opportunity three and a half years ago! 🔥