Question for Chris: I've been the SE Framework posted on the social-engineer.org website, very comprehensive.  How closely does the live class relate to it?

Totally agree!  Games help me a lot.  It gets out of the theoretical stuff or examples just for the sake of examples into showing application.  I learn the techniques/theories a lot easier when I can actually see practical application.  Show me theory, ehh I'll understand its application eventually.  Show me one application, my mind will run rampant with different ideas of how the technique can be applied elsewhere


Funny you mentioned that, I just thought of that this morning, but gotta wait til I get home tonight to see what I can find

And thanks for mentioning Scapy. I had taken a look at that before, but was a little discourage because I didn't understand Python at the time.  So I set it aside until I learned Python, but it slipped my mind!

I'm looking to learn some other languages in the future, so these other suggestions for Powershell, Ruby, etc will come in handy soon enough

From reading about the program, not everybody gets selected.  How many people they select for each room depends on how many classes they are teaching and how many people are attending the event.  And as tturner mentioned, STI students get priority.  2nd page of this document (http://www.sans.org/security-training/volguidelines.pdf) shows the priority listing: STI students, people who have facilitated previously, then first timers.

I've applied twice.  I didn't get chosen for the first event (one of the big SANS events that was half way across the country), and I'm still waiting to hear back on my 2nd application (community SANS event right here in town).  We'll see what happens!

I thought of a quick question for Chris.  I wanted to verify some info from his site first, but it looks like they're (.org/.com) are down at the moment   I'll check again later.

I would love to take this class (I'm finally starting to get the hang of Python and I'm falling in love with coding ), but won't be able to make it over to Maryland.  I pinged Joe on Twitter earlier today, and he said depending on interest, he may make the class available online.  Let him know via email, Twitter, etc if you'd be interested in an online version!

Heads up: DVD is being released this week

@SecurityTube (https://twitter.com/SecurityTube/status/164373737393754112)

I've never heard a number put on how many tools there are.  I'm curious as to where they got that number, or how they came up with it.  Not sure how'd they come up with a number like that either.  Or if they account for custom tools people make and throw up on their sites that aren't that widely used.  Or if they differentiate between tools created/used by blackhats or ones created/used by pentesters (LOIC vs Metasploit).  Or tools that aren't even being supported/updated/used anymore.

Hmm...curious.  But I don't doubt that there was a bit of exaggeration used there.

After years of trying, I've finally sat down and am learning to program (outside of HTML and a little bit of Javascript I've retained from high school).  Only this time I feel like I'm actually getting somewhere!  I feel like I'm actually starting to grasp it, which I'm really excited about.  I've taken up Python as I've seen it recommended most places as a great starting place.

I've wanted to help out a security project in some way, but lack of programming skills has kept me from doing much.  Now that I'm getting somewhere with my programming, I'm looking to help again.  I've read that most people start out helping with documentation and I'm totally cool with that.

If anybody has any open source security projects/tools that they know is looking for help (Python-based), please let me know

I read a blog post somewhere with a short list of projects that were looking for help, but I can't seem to remember where I read that and didn't bookmark it

I was having problems last night after seeing this thread, but figured they were doing updates or something.  But just checked again and still the same thing: after a few clicks around the site, I start getting 404 errors for everything.

I'm not into working with files yet in my programming learning yet, but can you identify line numbers of the lines you find "AUTHORITY-CHECK<CRLF>" on?  For example, as your script is searching through the text file, it finds "AUTHORITY-CHECK<CRLF>" on line 5.  If so, maybe you can check that line number + 1 to see if the next line (5 + 1) begins with "OBJECT..." (if "line number matching "AUTHORITY-CHECK" + 1 startswith "OBJECT").  And if it does, then strip off the carriage return on the "AUTHORITY-CHECK" line and print both of the lines together as one. (print(line 5, 5+1)).

I hope that makes sense I'm studying my Python material right now and the stuff I'm learning has me thinking about this thread again haha

Great first article!  I really enjoy listening to the Social-Engineer podcast and look forward to future articles from Chris.

As for free courses on psychology, there's a few over at Academic Earth from Yale, Berkeley, and UCLA:

http://www.academicearth.org/subjects/psychology

Ooh, I see.  That makes more sense to me now...and beyond my programming knowledge lol.  Hopefully somebody else here can chime in with more experience...

I'm just learning to program so pardon my ignorance if I'm way off here haha, but is there an equivalent to Python's rstrip() in Powershell?  With rstrip() in Python, you can strip off all whitespaces of a string or specify certain characters to remove - which would be carriage returns ("\r" in Python) in this case.

Page for rstrip() in Python:
http://www.tutorialspoint.com/python/string_rstrip.htm

Tweet regarding Op Blackout from Anonymous:

https://twitter.com/#!/YourAnonNews/status/161718492943499264

Thanks for the capture.thefl.ag link, Alan!


Your link works though