-
amol_d replied to the topic VA of Blackberry Enterprise Server in the forum Mobile 8 years, 1 month ago
no worries and Thanks for the reply hitmonkey. i suppose what you could and could not do would be based on the contract with the client.
-
amol_d replied to the topic VA of Blackberry Enterprise Server in the forum Mobile 8 years, 2 months ago
hey so how did it go? I was hoping to read about your experience on this one
-
amol_d replied to the topic Mobile Web App Security in the forum Mobile 8 years, 2 months ago
IMHO more than the risk of someone sniffing 3G (and i have no idea how practical this is), the greater risk is a customer using public WiFi to talk to your website. That would let an attacker on the same access point to launch practical attacks (man in middle via arp spoofing etc) so I would always assume that the client data to a website can be…[Read more]
-
amol_d replied to the topic Mobile Phone Scanning in the forum Mobile 8 years, 2 months ago
Using a good RF scanner will work but like you said its not going to help much if the phones are off. Not to trivialize the issue, but a security guard that can frisk visitors will mitigate that risk to a large extent. Have lockers for visitors to put in their bags/purses etc before they enter the secure area.
What is the purpose of not allowing…[Read more] -
amol_d replied to the topic OSCP – Critique in the forum OSCP – Offensive Security Certified Professional 8 years, 2 months ago
Congrats DragonGorge! This was a very good review, and it lead to major deja-vu for me, especially the wife and kids part. I agree with most parts of the review. One thing I gotta say, because OSCP is made so hard to achieve, the exhilaration on passing is incomparable and you really feel like you have achieved something and have learnt a huge…[Read more]
-
amol_d replied to the topic (ISC)2 CSSLP in the forum Security 8 years, 2 months ago
Just passed CSSLP. I am glad i took it. The format and quetion structure is very similar to CISSP as you would expect (ie you either know or you dont, not like CISA where they play arround with the English language to make it trickier)
I think it is very very relevant to those who are into secure SDLC. While going through the material I already…[Read more] -
amol_d replied to the topic PWB/OSCP course related question in the forum OSCP – Offensive Security Certified Professional 8 years, 10 months ago
WHen i was stuck and did not know how to proceed, I found it useful to look at videos on youtube and securitytube.net to see how others had approached similar problems. g0tmi1k.blogspot.com has a lot of videos as well, although the machines being hacked are totally different, when you see the videos you understand the approach that is taken from…[Read more]
-
amol_d replied to the topic My OSCP review in the forum OSCP – Offensive Security Certified Professional 8 years, 10 months ago
Thanks don, i will!
j0rdy, i totally agree, the oscp videos on buffer overflows has to be one of the best introductions to buffer overflows for newbies. it was explained so well that i have become addicted to it, i am now on grey-corner.blogspot.com tutorials and corelan.be tutorials, to prepare myself for osce later on because i have heard that…[Read more]
-
amol_d replied to the topic My OSCP review in the forum OSCP – Offensive Security Certified Professional 8 years, 10 months ago
One more thing I would like to add:
there is a lot of self learning involved. Its a very good idea to go through videos on securitytube and g0tmilk’s blogspot site. I also found it useful during labs that, when I was suspecting a particular weakness existed but was not able to exploit it, to go on youtube/security tube and search. A lot of times…[Read more] -
amol_d replied to the topic My OSCP review in the forum OSCP – Offensive Security Certified Professional 8 years, 10 months ago
Thanks all!
Hi DragonGorge
I agree the requirements are ambiguos, because its very subjective, whats rudimentary to the offsec folks may not be to others. I shouldnot worry too much about the python knowledge though. I had very basic shell scripting and perl knowledge and 0 knowledge of python.
Although python is widely used, its not hard to…[Read more]