j0rDy

Sup guys!? currently working on eCPPT AND eWPT, as if i wasn’t busy enough 😉

Got this in my mailbox yesterday:

In conjunction with the launch, EC-Council has prepared a complimentary First Look session for cyber professionals to test drive the program. Details below:

CEHv8 First Look (Open to the public)

Date : May 8th, 2013
Time : New York 10am / Singapore 10pm / London 3pm / Dubai 6pm / India 7.30pm / Singapore…[Read more]

nice, thanks for sharing!

remember that when using this for a pentest that there is no way you can guarantee that the gathered information is not gathered/stored by 3rd parties (in this case yougetsignal). In this case i recommend to do these checks from your own systems…

when using for your own fun and profit, who cares  😉

great news! now i just have to choose which one i will be taking a swing at somewhere around fall… 😉

i have it already sitting on my HTPC, now i just have to find the time to watch it :-X

NICE! congrats man, way to go on sticking on it for so long and still manage to get the energy on giving it another go.

thanks guys!

i used non official courseware to study for the exam, also did a lot or extending research on the topics at hand, which helped me alot to prepare for the exam.

I am not going to upgrade my certifications to LPT. I simply refuse to pay for being able to put the title behind my name which has no additional value to my knowledge.

I’m…[Read more]

WOW, now this is just plain cool! 8) this is in the top 3 of best giveaways, no doubt! Good luck everyone!

:kuch:ftp://ftp.halifax.rwth-aachen.de/backtrack/:kuch:
(was available before the torrents, i installed it in a VM, seems legit…)

Hey, perhaps a little bit late, but good luck! any update on how it went? i’m guessing you are sleeping it off right now, hehe…

i’m missing two things here:

along with alle the theoretical knowledge you can gain from the above mentioned sources (books and what not) spending time behind the keyboard just doing it (for example, configure windows security wise, fiddle with permissions for users on linux) gives you a great understanding on how the things work you want to…[Read more]

Congratulations! Have fun with this one, its a great prize!

I am not familiar with WebInspect, but i use burp pro every day, and the more i rely on it, the more features i discover (even after multiple years of use).

It is so much more than only a proxy. You can actively or passively scan webapplications, compare requests, use the intruder to perform brute forcing, it even has a compare function for…[Read more]

first of all, props to eindbazen, i know some of them personally and they are hardcore. The vulnerability is indeed quite simple, but do not forget that the situation has to be just right, you have to actually run PHP in CGI. But still, kudo’s to eindbazen for finding it and trying to disclose it responsibly (they discovered this vulnerability in…[Read more]

Now i know i can not be the only one that likes 8bit chiptunes. I do not listen to it all the time, but sometimes it really gets me in the zone, just like watching the movie hackers. At the moment i like wiklund, very good tunes: http://www.myspace.com/alexwiklund Normally i listen to rap/hiphop, even the cheesy kind like souljaboy and nicky…[Read more]

@YuckTheFankees wrote:

I recently started a computer forensic internship, so I am gaining the oh so valuable experience…but I still can’t decide if I want to have a career in computer forensics or pentesting. I’ve been searching keywords of CF and pentest jobs on Dice, Indeed, and Simply Hired and there are a few things that scare me about the…

[Read more]

@wlandymore wrote:

If I run:
‘) AND (select * from information_schema)– (((1=1

I get the error “table glocken_emil.information_schema doesn’t exist” so it would appear that they have appended glocken_emil to all of the tables here. I guess that tells me a little bit about the structure…

hmm, from here you can go two ways: try to guess the…[Read more]

@ajohnson wrote:

If your interest is in enterprise wireless, CWSP is your undoubtedly your cert of choice. OSWP features on cracking WEP/WPA-PSK, rainbow table generation, GPS mapping, client attacks (karmetasploit), etc. This is all obviously good information to know if you manage wireless networks, but the CWSP takes you through the entire…

[Read more]

low hanging fruit refers to easily hackable hosts. Often these hosts can be hacked using automated attacks like DBautopwn or simple password guessing (root/toor) for example. Other hosts that require more skills are considered harder. My advice is look for the low hanging fruit in the labs first, do not worry about skipping a few hosts because…[Read more]

if i had a dollar for everytime i reverted a host in the OSCP labs…