Understanding Your Environment

Walking into an existing environment is always *ahem* fun – especially when you’re trying to make it more manageable/secure and the previous person in charge of the environment knew just enough to get things running. Combine that fun with downtime costing the company hundreds/thousands of dollars a minute or more.

Prevention and Detection

The basic rule of Network Security is “prevention is ideal, detection is a must” – stopping something from getting into your network is ideal, but not realistic all the time. If a nation-state level actor or another entity with a lot of resources wants to find a way into your network – it’s only a matter of time before they find a way in. Once someone finds a way in, detection comes into play.

Published
Categorized as Thoughts

Try Hack Me

I find myself debating on going after the CEH after watching some further podcasts about it – apparently it’s only good if you need a specific DoD requirement met for employment – either that or you’re really just getting started on the red team side and don’t know where to go. I recently discovered tryhackme.com… Continue reading Try Hack Me

Enumeration

What types of connection does an attacker initiate during the Enumeration phase of an attack? What kinds of information are attackers looking for during this phase? How would you enumerate and prevent enumeration with: Email IDs Default Passwords SNMP Brute Forcing Active Directory DNS Zone Transfer What are protocol types and ports for for: DNS… Continue reading Enumeration

Published
Categorized as Notes Tagged ,

Job Interview Tips

I had the chance to participate in a panel to help students at the local tech college get an IT job by providing the perspective of an employer – I thought I’d try to impart all of the pieces I remembered from all of the panel members (including myself).

BurpSuite – DC435 June ’21

Presented by Santiago Special Note: First live meetup in over a year! Setup Ubuntu 20.04 – https://ubuntu.com/download/desktop BurpSuite CE – https://portswigger.net/burp/communitydownload Docker – https://docs.docker.com/engine/install/ubuntu/ Damn Vulnerable Web App – https://dvwa.co.uk/ BurpSuite Designed for web app security assessments Default Tools: Proxy Repeater Decoder Comparer Sequencer Intruder Extender CE vs Professional – Professional has a couple of… Continue reading BurpSuite – DC435 June ’21

Common NMAP Scans

There are several useful scan types for NMAP, here are the usages.

Published
Categorized as Notes Tagged

Scanning Networks

Section Overview Once an overall picture (footprint) of a network has been established, the next step is to take that information and probe for useful information about what’s in the network. Questions What are the objectives of a network scan? What is the difference between TCP and UDP? What are the flags used by TCP?… Continue reading Scanning Networks

Published
Categorized as Notes Tagged ,