Posted on 16 Mar 2023 by Ray Heffer
I’m constantly seeking new opportunities to enhance my expertise and broaden my understanding in the field of cyber. In 2021, I successfully completed the Certified Ethical Hacker (CEH) exam offered by EC-Council, followed by the CISSP last year—both of which showcased diverse aspects of cybersecurity. In my day-to-day work, I collaborate with both security engineering teams and CISOs, as I hop from one meeting to the next, which requires me to transition between technical and strategic discussions. This skill has proven to be incredibly valuable in my career.
As someone who has always been deeply immersed in the technical aspects of cybersecurity, I find it essential to maintain and nurture that passion, even as I continue to evolve in my career. Participating in Capture The Flag (CTF) challenges during my evenings allows me to stay up to date with my hands-on skills. This is why I find the Offensive Security Certified Professional (OSCP) exam so appealing.
Posted on 04 Feb 2023 by Ray Heffer
Note: Once the exam is finished, you will have a further 24 hours to upload your documentation.
Pass: 70/100 points to pass the exam
60 points: BOF (Buffer Overflow), 1 Easy, 1 Hard
40 points: Active Directory Set
Thanks to TJ Null for this awesome list of Hack The Box and Proving Grounds OSCP-like machines to practice with. The first link below for his blog outlines OSCP boxes for both Proving Grounds and HTB, plus there is an updated HTB list by Rana Khalil, so thanks also to Rana!
Here is the order that I’d recommend based on other people’s experiences with the OSCP exam. Start with TryHackMe, especially if you are new to this. TryHackMe will be a much easier point of entry for beginners. Then, when you are more comfortable with Kali Linux and have the basics down, move on to the rest on this list.
Create a new Udemy account for each course to get the discounts, otherwise if you use an existing account you’ll end up paying full price.
You cannot use any of the following on the exam:
Posted on 02 Dec 2022 by Ray Heffer
I recently stumbled upon a Reddit post where the OP posted 19 screenshots showing the email correspondence between a ransomware group and a representative at an Australian health insurance provider, Medibank. You can read details of the breach here.
What I find fascinating about this is how Medibank used a negotiation tactic that can be very useful in these situations. They played dumb. This allowed them to delay the negotiation over several days whilst, at the same time, gleaning as much information from the adversary as possible. It’s very likely that from the very start, Medibank had no intention of paying the ransom.
The psychology behind playing dumb is all centered around manipulation. By feigning ignorance, you can quickly get the adversary’s guard down, and they feel less intimidated.
As one commenter in the Reddit post mentioned, these emails weren’t written by some “incompetent rep”. By using a fake name (Alice) and playing the innocent victim, they were able to gain as much information about the attack as possible.
Tox is harder for us
From what we are seeing, it seems like you are very talented at what you do. We can see your connections through the VPN, but want to know that other access you used?
What’s also very interesting is that the data was exfiltrated, but not deleted or encrypted. The ransom in this case was the threat of exposing the PII (Personally Identifiable Information) on a Tor site.
Posted on 02 Jun 2022 by Ray Heffer
Yes that’s right, the Nmap command in my header image was the same as Trinity used in The Matrix Reloaded (2003). But have you wondered what -sS does, or -O? I thought I’d share my cheat sheet which may come in handy if you need a quick reference for TryHackMe or HackTheBox.
First, a quick breakdown on the command Trinity used:
nmap -v -sS -O 10.2.2.2
-v - Verbose mode. This provides additional information, such as the time of scans and the number of hosts and ports scanned.
-sS - The scan type. In this case, a TCP SYN scan, also known as a Stealth Scan.
-O - Operating system detection. If you look closely at Trinity’s output, no OS was matched.