NerdJutsu

Enumeration

What types of connection does an attacker initiate during the Enumeration phase of an attack? What kinds of information are attackers looking for during this phase? How would you enumerate and prevent enumeration with: Email IDs Default Passwords SNMP Brute Forcing Active Directory DNS Zone Transfer What are protocol types and ports for for: DNS […]

June 9, 2021
Job Interview Tips

I had the chance to participate in a panel to help students at the local tech college get an IT job by providing the perspective of an employer – I thought I’d try to impart all of the pieces I remembered from all of the panel members (including myself).

June 8, 2021
BurpSuite – DC435 June ’21

Presented by Santiago Special Note: First live meetup in over a year! Setup Ubuntu 20.04 – https://ubuntu.com/download/desktop BurpSuite CE – https://portswigger.net/burp/communitydownload Docker – https://docs.docker.com/engine/install/ubuntu/ Damn Vulnerable Web App – https://dvwa.co.uk/ BurpSuite Designed for web app security assessments Default Tools: Proxy Repeater Decoder Comparer Sequencer Intruder Extender CE vs Professional – Professional has a couple of […]

June 3, 2021
Common NMAP Scans

There are several useful scan types for NMAP, here are the usages.

June 3, 2021
Scanning Networks

Section Overview Once an overall picture (footprint) of a network has been established, the next step is to take that information and probe for useful information about what’s in the network. Questions What are the objectives of a network scan? What is the difference between TCP and UDP? What are the flags used by TCP? […]

May 30, 2021
Footprinting and Recon

Section Overview When profiling a target it’s important to know what you’re up against. There are several methods to gain information – most of which is available publicly. The information posted are quite often valuable for job seekers and people looking to do business with the target, however these same sources of information can be […]

May 30, 2021
Introduction to Ethical Hacking

Section Overview There needs to be a solid grounding in basic terms and ideas that used in Penetration Testing as a whole and by extension Ethical Hacking. An Ethical Hacker needs to understand systems and why they are built the way they are, as well they need to understand things such as legal and regulator […]

May 28, 2021
Study Methodology

I’ve never been a great student – I’ve always just gone off of what I can remember from lectures and simply reading assigned pages. That approach typically allowed me to recall facts well enough that when it came test time I’d do well enough – usually Bs and Cs but hardly ever As and it […]

May 26, 2021
Going for my CEH v11

I’ve decided to go after the Certified Ethical Hacker certification v11. Why do it? For a long time, I always wanted to be a hacker, even though I had no idea what it actually meant. Now that I’ve been involved in the security space, I understand that a hacker (at least in the definition I […]

May 26, 2021