m0wgli

Test Reply

If you are using Windows take a look at the Microsoft Family Safety/Microsoft Family features (free). It claims to block access to adult content, and you can also configure it to only allow access to specific web sites if you want.

@The New LT72884 wrote:

So why is it so vital to know that the server is running vsFTPd2.0.4 or openssh?? to me its just saying that it has ftp and ssh on it. no big deal? what is it about those versions im not aware of?

IIRC, service version is not important (for determining possible exploits), it’s that those services are available to connect to.

What is your De-Ice 1.110 Virtual machine guest operating system set to?

If it’s not “Other Linux 2.6.x kernel” try changing it to that.

I have a subscription with pentesteracademy.com, which is the same company. From looking at my e-mails it was slightly less than 24 hours from when I made the initial payment to recieving the registration details.

SecurityTube: Contact Us

How long have you had to wait so far?

Testing for SSL-TLS (OWASP-CM-001)

LOL, the Call Offensive Security video is also entertaining.

Take a look at VulnHub and the OWASP Vulnerable Web Applications Directory Project.

Congrats SephStorm, well deserved!

A great start to the new year for you.

I don’t know, but I’m guessing Don maybe referring to the April giveaway.

Winners of Free Hacking Courses at ShowMeCon 2014 Announced

LinkedIn: The Ethical Hacker Network

@KrisTeason wrote:

For $3999 you can get access to all 9 of their courses (elite version). Insane deal!

+1

They are also currently offering a Christmas gift card for $150 off of new enrollments into individual courses as well, this also includes a further price reduction for adding additional course’s if purchased at the same time:…[Read more]

The Demo Gods weren’t very kind to Guiseppe, but it was an interesting webinar none the less.

The XXE (XML External Entity) attack demonstrated was something new to me. I haven’t tried this out myself yet, but the XML External Entity Training: A virtual machine image containing a sample XXE vulnerable web app looks like it could be useful for…[Read more]

Thanks for sharing your thoughts.

I got to play Netwars a few years back, and it was a great experience. I’d love to have a go at CyberCity from an offensive perspective, last years SANS Holiday Challenge was based on CyberCity. If you’re interested it’s still available for download, although it’s focused on analysing the attacks rather than…[Read more]

Interesting, I wasn’t aware of that.

Looking at the Experience Waiver for the CISSP requirements, it’s actually got me considering it again.

Opinions aside, both the CISSP and C|EH are both widely recognized from a HR perspective.

Just to elaborate on the CISSP option suggested by rattis:

The CISSP Professional Experience Requirement states that “You must have a minimum of five years of direct full-time security work experience in two or more of these 10 domains of the (ISC)² CISSP…[Read more]

Make use of the Offsec IRC channel (#offsec) and forums in addition to the course material.

If you do have any questions, provide details of what you have already tried. If you can demonstrate that you have made an effort, you’re more likely to get help or at least a nudge in the right direction, otherwise you’ll probably get a “Try Harder”…[Read more]