MaXe

Update: Wiki has been moved to https://wiki.altc3.org/index.php/Main_Page as the CCC members deleted the page.

Glad to hear you like it ;D

It’s a very good course, I recently some most of it, he knows his stuff (and beyond), no questions about that  ;D

Give him some time, he usually responds within a week as all access is manually set up, and Grendel is usually extremely busy, be patient  🙂

There’s no measurement, but it’s the best way to learn the basics of pentesting when it comes to courseware. The Labs, may be very tough if you’re very new to pentesting. I suggest you become familiar with linux and the console a bit, before diving into OSCP/PWB.
It’s also useful to have a good working knowledge about computers and networks in…[Read more]

@kaztech wrote:

Yes, thank you all so much for your help in determining what “hacking” really is!  This is a wonderful community 🙂  I had no idea how much hackers do!

We didn’t determine anything. We only shared the truth.

I’ve done most of the Shodan course, however I failed at cracking some passwords. Despite that I tried idunno, 50-100’000 relevant variations of the mentioned topic, and 165 million random different passwords. Did any of them crack? Nope.

You should consider posting your message on one forum first, and then wait a bit, before posting it across multiple forums. I’ve already replied on InterN0T.

What kind of practical experience do you have with security? Your resume and certifications doesn’t tell if you know about penetration testing, vulnerability assessments, etc.

The course I recommended from BackTrack, is not that expensive:
http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ (750$, I recommend 60 days lab time)
and this: http://www.offensive-security.com/information-security-training/cracking-the-perimeter/ (1200$)

Don’t do OSCE without knowing quite a bit…[Read more]

A degree in computer science is good if you’re in Austraila, and as you are doing a masters in Computer Security that’s also very good. You should however look into Offensive Security certifications as well, as they are valued at some companies in Australia. CREST certifications are quickly gaining popularity at the moment, but they are very…[Read more]

I guess it’s just money for checking the papers and perhaps your linkedin profile  ;D Even though, I think those 500$ for the exam voucher, should cover that hilarious 100$ administration fee. On the other side, GIAC certifications does not have this fee, but they are like priced at 899$. On a third side, CEH is waste of time, unless it’s a job…[Read more]

All what mrvore said is truth, even though the term script kiddie (and the acronym skiddie) is still widely used  🙂

A lot of OSCPs and especially OSCEs fall the first time. Recognize your weakness as you did, and make sure you won’t fail the second time  🙂

I like how you wrote “Recruiting Security Experts Worldwide!!” while it’s not really true, as a lot of US-based companies won’t even consider hiring you unless you got a green card already and if you pay for your own relocation, then they might hire you. At least, that is how I have seen it was not long ago.

In Sydney on the other hand, they do…[Read more]

Havij is a script kiddie tool just like Pangolin is, except Havij is more widely used by script kiddies especially in the middle east. A pro tool, which can do a lot more, but is also a lot harder to use is sqlmap.

However, using a tool only, without knowing what causes SQL Injection, how to fix it (in the code!) and how to test manually will not…[Read more]

It was a lot better than expected, I was hooked!  ;D Compared to that other recent documentary about “hackers” where most of them were really just script kiddies except l0pht, Jericho, cDc, and a few others, this movie was not really about hackers but the guys were at least “for real”. They certainly have skills in managing TBP.
I did notice they…[Read more]

I think I may have gone through some or all of the courseware from a third party provider as well. Questions were just as horrible as CEH, but I heard the actual exam questions were like, making serious infosec people die ;D

Using a corporate blog in that way has just severely damaged their reputation more than it already is, and writing “fuck you” and threats of physical violence only attracts trolls and those who may want to prove Joe wrong that he’s not the smartest nor the strongest guy in the world.
If he makes a response video (which I doubt as he’s not Greg…[Read more]

He’s beginning to sounds more and more like Gregory D. Evans.
(http://attrition.org/errata/charlatan/gregory_evans/) Except that Joe, actually knows something.