-
salil's profile was updated 2 years, 9 months ago
-
salil replied to the topic SIEM & Event / Alert Collection in the forum Other 9 years, 11 months ago
Hi,
Check the blog from Anton. http://chuvakin.blogspot.com/
He has many posts on log management and seim.
I have found that if you start logging things that you know and understand you are able to build up on it. If you start with log everything and start getting rid of the noise you end up with a mess.
Cheers,
Salil -
salil replied to the topic Frustrations in the forum Other 9 years, 11 months ago
Hi,
I can understand your frustration. I have been through that phase as well. The way I approached the situation was to break all your work into phases. Start with the simplest thing that you know they cannot say no to. Get it working, document it well enough so that they get the confidence that there is now a process where the tool fits in and…[Read more]
-
salil replied to the topic Metasploit 101 in the forum Tutorials 10 years, 4 months ago
Hi,
Not sure if its been discussed here but securitytube.com has a new series of videos on Metasploit. Its called the Metasploit Megaprimer and it goes into some good detail.
Cheers
-
salil replied to the topic Post your Cheat Sheets in the forum Tutorials 10 years, 4 months ago
site:sans.org cheat sheets
-
salil replied to the topic Banner grabbing with netcat in the forum Network Pen Testing 10 years, 5 months ago
Hi,
You can use the triggers in the AMAP tool that can be found in the file appdefs.trig (I cant remember exactly but I think thats the one). Are you using netcat manually to rule out false positives?
cheers
-
salil replied to the topic Uceritfy for GPEN in the forum GPEN – GIAC Certified Penetration Tester 10 years, 5 months ago
@Marcos: The practice exams included with the registration or if you buy a separate one can only be used once. Both types of exams can only be accessed once you login to the SANS portal. You do not have to install any software on your PC. You have to use your browser to use the exams.
The three exams will give you a good understanding of the…[Read more]
-
salil replied to the topic How to become the world's no.1 hacker? in the forum Other 10 years, 6 months ago
If anyone listens to the Exotic Liability Podcast episode 64’s starting song is a beauty. Please note the discussions in the podcast may offend some people.
-
salil replied to the topic Just joined the ranks – OSCP v3 in the forum General Certification 10 years, 6 months ago
Congrats Hayabusa! Way to go.
-
salil replied to the topic GIAC practice exams in the forum General Certification 10 years, 6 months ago
@dynamik – There was some overlap in the test questions. However I found hardly any overlap between the test and the actual exam questions. I wont say that I found the exam very easy but it was not as hard as I expected. Which lab are you talking about? I did not have any lab at the end of the exam.
@H1t M0nk3y – I did not take the 6 day course.…[Read more]
-
salil replied to the topic GIAC practice exams in the forum General Certification 10 years, 6 months ago
People…I passed my GPEN exam. 🙂
Things that came handy for me are
1) various cheatsheets on the SANS website
2) Counter Hack ReloadedOther resources that I referred to and had got my notes from
1) Penetration Tester’s Open source toolkit
2) Metasploit toolkit & Offensive-security
3) Webcasts from Ed – CoreSecurity and Pauldotcom…[Read more] -
salil replied to the topic GIAC practice exams in the forum General Certification 10 years, 6 months ago
Thanks Guys…I bought one earlier just to get a feel of what its like. I registered for the exam and got the 2 practice exam. I was about to purchase just another practice exam…good I asked.
cheers
-
salil replied to the topic Tools to find XSS and SQL Injection Vulnerabilities in the forum Web Applications 10 years, 6 months ago
Hi,
Paros has some limited scanning capabilities. I have only only used it in labs against Webgoat and OwaspBWA though.
Cheers.
-
salil replied to the topic Learning and never enough time! in the forum General Certification 10 years, 7 months ago
Hi Guys,
I am in the same boat. The biggest problem I face is that with so much stuff to learn its easy to drift from one subject to another…one website to another and before you know it you have spent 3 hours on something totally unrelated to what you started with.
I still have not found a solution but I have kept 2-3 primary goals and a…[Read more]
-
salil replied to the topic GPEN Practice Exam in the forum GPEN – GIAC Certified Penetration Tester 10 years, 7 months ago
Thanks…that makes me feel better about the exam. I have read Counter hack reloaded. I will do a quick review and mark relevant parts before taking it with me for the exam. Can I carry the SANS cheat sheets with me for the exam? I have some nice ones covering netcat, wmic etc.
-
salil replied to the topic Security Dashboard in the forum Compliance, Regulations & Standards 10 years, 7 months ago
Hi,
I dont exactly have a dashboard but if I could I would put all my monthly reports in it. Right now I provide a monthly report which has graphs and charts (Top 10) covering the following
1. Virus – detected, cleaned, PC name and Username (identify repeat offenders)
2. Patching update
3. Graph on number of attacks by type
4. Graph on most…[Read more] -
salil replied to the topic Policy for personal laptops at work in the forum Compliance, Regulations & Standards 10 years, 8 months ago
Hi,
You can allow staff to use VPN but create different groups and control what each group can access.
Home Users – Use their own laptop but get least access. Restrict access to specific IP address and ports that you know wont allow worms or virus to spread to your network.
Remote office users – Use the office provided laptop have all your end…[Read more]
-
salil replied to the topic CEH preparation notes procedure in the forum CEH – Certified Ethical Hacker 10 years, 9 months ago
Hey Bala,
Search for mindmaps. You can use Freemind to creating your own mindmap. The other option is creating your own cheatsheets for tools and they command options.
cheers.
-
salil replied to the topic Port 22 (SSH) Outbound Question in the forum Other 10 years, 9 months ago
As others have pointed out keeping outbound access to well known IP addresses is the way to go. Here is a nice link showing use of openssh for tunneling.
http://packetheader.blogspot.com/2009/01/installing-openssh-on-windows-via.html
One thing to keep in mind is this applies to all ports and not just SSH since you could change the SSH port from…[Read more]