-
tturner replied to the topic Certification plans for 2014? in the forum General Certification 6 years, 1 month ago
Pretty much none of my original plans from 2013:
OSWP was extremely disappointing and I just couldn’t get motivated for it. I really would not recommend this course unless you just wanted to learn aircrack and had someone paying for it.
OSCP – Yeah, I’m not sure if this will ever happen. Personal life just doesn’t allow me the time I’d need to…[Read more]
-
tturner replied to the topic Defcon 21 in the forum Calendar Of Events 6 years, 5 months ago
I’ll be at BsidesLV and DC21. Looking forward to seeing those of you I’ve met before and new faces as well!
-
tturner replied to the topic FSU 2013 Offensive Security Course in the forum Tutorials 6 years, 5 months ago
I’ll be seeing Owen tomorrow. I will see if I can convince him to share a torrent for the videos and let him know you guys are interested.
-
tturner replied to the topic InfoSec in Central, FL in the forum Career Central 6 years, 7 months ago
I can help you there. ๐
I may even have an available position very soon. Shoot me a PM.
In the meantime check out:
http://hackucf.org/blog/ (they welcome non-students and are VERY active and friendly)
https://www.owasp.org/index.php/Orlando (I run the chapter)
http://dc407.com/ (I am fairly active, but this group is floundering a bit due to…[Read more]
-
tturner replied to the topic PentesterLab – Free Courses and ISOs for WebApp Pentesting in the forum Web Applications 6 years, 8 months ago
Wow. This is gold. or platinum. Great stuff. Thanks for sharing guys, I’d heard mention on twitter but not checked it it out til now and am glad I did. Anything web services is so rare to find. (Talking about Axis2, not the intro)
-
tturner replied to the topic Maltego v3 Questions in the forum Network Pen Testing 6 years, 10 months ago
You may want to check out https://www.youtube.com/watch?v=XR6Sxe3wlDE and theย other videos on the Paterva channel. I believe this one goes through creating your own transforms and may be helpful. I have not used Rapleaf myself so YMMV. Work/Life is pretty crazy right now but when I get a sec I’ll try it out and followup on this thread. May be a…[Read more]
-
tturner replied to the topic Maltego v3 Questions in the forum Network Pen Testing 6 years, 10 months ago
Have you looked at https://github.com/cmlh/Maltego-Rapleaf ?
-
tturner replied to the topic Approved Scanning Vendor – PCI in the forum Compliance, Regulations & Standards 6 years, 11 months ago
Internal scans can be done by any “qualified” internal security person. PCI does not define what qualified means but I suspect the day will come when they start requiring internal folks to become ISA or PCIP. Your QSA determines whether this is being properly managed, not the council. Yes, much room for interpretation. Welcome to PCI.
External…[Read more]
-
tturner replied to the topic What does EthicalHacker.net bring you? in the forum News Items and General Discussion About EH-Net 6 years, 11 months ago
@ajohnson wrote:
I know what you mean. TTurner’s signature alone motivates me 8)
They are like Pokemon… Gotta Catch ‘Em All! I have a problem, I really do. Is there a Certaholics Anonymous? (CA – Infosec Acronym Collision Alert!)
But seriously this is one of the friendliest, most helpful communities I’ve been a privilege of being part of and…[Read more]
-
tturner replied to the topic OSCE… check! in the forum General Certification 6 years, 11 months ago
-
tturner replied to the topic OSCE… check! in the forum General Certification 6 years, 11 months ago
That’s awesome both of you! Such an accomplishment, and I’m really excited for you! Major congratulations are in order. If either of you will be at SANS Orlando or B-Sides Orlando in March/April look me up and I’ll buy you a beer. ๐
-
tturner replied to the topic SANS GXPN Review in the forum General Certification 6 years, 12 months ago
-
tturner replied to the topic SANS Holiday Challenge 2012 in the forum Skillz 6 years, 12 months ago
There are tons of hints both on the twitter feeds as well as the questions that are asked in the game posting. Just dive in and it will start falling into place. ๐
-
tturner replied to the topic SANS Holiday Challenge 2012 in the forum Skillz 6 years, 12 months ago
There IS an easier way. Only took me 2 tries. Use your tools to aid your eyes. ๐ What’s disappointing is how I got one of the later flags. Not sure I did it the right way, felt like cheating but got the answer. ;P
-
tturner replied to the topic Monitoring day to day vulnerability scan results in the forum General Certification 7 years ago
Thanks Andrew it looks interesting. Just not sure how crazy I am about shooting all my vulnerabilities up to a cloud service. I’d welcome something like this internally though.
-
tturner replied to the topic Monitoring day to day vulnerability scan results in the forum General Certification 7 years ago
I touched on some of these issues in a recent blog post (mostly focused on vuln mgmt lifecycle and how current products don’t really meet our needs) http://sentinel24.com/blog/vuln-mgmt-lie/
It’s really a shame that the vuln scan vendors missed the boat here. If you purchase additional expensive tools like RedSeal you can start painting the…[Read more]
-
tturner replied to the topic 12 Steps to a malware free existence in the forum Malware 7 years ago
@Hudson185 wrote:
Using backtrack 5 R3 with vpn is much more secure …
More secure than what? a soggy napkin? If you want secure, run a stripped down gentoo or *BSD box with only the bare necessities, no compiler, services disabled, FDE, etc. BT5 not only runs as root (yes you can change but, I run a BT5 VM with a locked down user and su when I…[Read more]
-
tturner replied to the topic vmware workstation 8 and wifi scanning help in the forum Network Pen Testing 7 years ago
NAT vs bridged doesnt matter for wireless, thats just the wired virtual network. For wifi sniffing in a VM you MUST use a USB adapter. Only other option is install baremetal OS, but chances are you are going to want a card compatible with your wifi tools and will probably end up buying a USB ALFA or TPLINK anyway.
-
tturner replied to the topic 12 Steps to a malware free existence in the forum Malware 7 years ago
You forgot “Perform normal computing tasks as a non-privileged user and use runas or sudo when higher privileges are required”
I’ve found taking this step prevents a huge number of infections
-
tturner replied to the topic Cost of the logs storage in the forum Other 7 years ago
There’s a big difference between collecting and alerting. My preference is to collect as much data as feasible and then filter the data set down to a manageable level. I would rarely condone collecting less data but almost always recommend trimming alertable events, tuning, and filtering so as to not DOS the analyst. You can always expand your…[Read more]
- Load More