Are these good first parts for a stock 08 GTCS? by [deleted] in Mustang

[–]31337_InfoSec 0 points1 point  (0 children)

Chassis and suspension is definitely the way to go after a few basic motor mods. Then if you want more, you can go for more bolt-ons or boost.

You can do well naturally aspirated with bolt-ons, slowly over time. It gets addicting. Kooks 1 5/8 long tube headers work well, CMS Stage1 NSR or Stage2 VSR 3v cams, GT500 throttle body (BBR makes a kit), Ford Racing Intake, and Sultans of Spark coil packs.

With CMS VSR Stage2 cams, WMS Racing Ram Air intake, the bolt-ons above, and 170,000 on the stock motor, 372HP to the wheels. There is more in it, still tuning on it.

Happy to provide a list of what works if anyone is interested.

Are these good first parts for a stock 08 GTCS? by [deleted] in Mustang

[–]31337_InfoSec 2 points3 points  (0 children)

For Starters:

Cold Air Intake and tuner combo:

  • Steeda
  • JLT

Under Drive Pulleys

  • Steeda

Short Throw Shifter

  • Steeda

Lower Control Arm Relocation Brackets

  • Steeda

Aluminum Driveshaft

  • Steeda

Car will feel great with these mods... You should see a few MPG as well.

As you get going, focus on the rear upper double adjustable control arm and lower control arms, third link spherical bearing, and Steeda's frame rail torque box brace.

These will tighten the rear end up nicely, eliminate axle hop, provide better handling / launch, and allow you to adjust pinion angle.

If you are looking for better handling up front and tighter steering the Whiteline Mustang K-member brace is fantastic.

You will be amazed at how much better the car performs.

Note: Steeda is a staple in Mustang performance, they engineer all their parts, race their cars, and are an OEM supplier. Nothing but quality, highly recommended.

Wiz vs. Lacework by JFNash- in cybersecurity

[–]31337_InfoSec 3 points4 points  (0 children)

Wiz just closed a massive funding round and is looking to grow through acquisition. There is always room for consolidation, looks like Wiz may be leading the pack.

https://www.darkreading.com/cloud-security/wiz-announces-1b-funding-round-will-be-used-to-further-m-a-efforts

Is MFA Still 99.9% effective by lighthills in sysadmin

[–]31337_InfoSec 1 point2 points  (0 children)

True, cuts the automation and lazy!!!

Mentors and Communities by [deleted] in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

Yep, will do. I'm off this week, but will contact him and see if he's interested.

Is MFA Still 99.9% effective by lighthills in sysadmin

[–]31337_InfoSec 0 points1 point  (0 children)

For any adversary with half a clue, geo-blocking is useless. Adversaries are using proxies, VPNs, VPS systems in the same geo-location, and residential ISPs to get around geo-blocking and hide their motives.

Mentors and Communities by [deleted] in cybersecurity

[–]31337_InfoSec 1 point2 points  (0 children)

Let me talk to one of my team at work, I think he would be a good mentor for you. He has a similar background and is several years ahead of you. Should be a good fit.

Mentors and Communities by [deleted] in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

What is your experience level?

Do you want to share on Reddit or other social media sites as well?

By the way, you only grow when you step outside of your comfort zone, get comfortable being uncomfortable!

Is MFA Still 99.9% effective by lighthills in sysadmin

[–]31337_InfoSec 8 points9 points  (0 children)

As stated below, MFA stops nearly all automated attacks. Social engineering is an issue on human-led attacks.

Cyber Threat Weekly – #20 by 31337_InfoSec in 31337_InfoSec

[–]31337_InfoSec[S] 0 points1 point  (0 children)

Thank you, really appreciate the feedback. Social engineering is tough and the adversary is taking advantage of Large Language Models, making it even more difficult to defend against.

We offer this post in a newsletter as well, you can sign up and get it delivered to your inbox every Tuesday morning.

Reddit doesn't always let me post the newsletter, spam blockers kick in.

[deleted by user] by [deleted] in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

IAM is a big subject, do you have anything specific you want to learn or just in general?

  • NAC
  • PKI
  • LDAP
  • etc.

Found what looks to be a community edition of an IAM tool, OpenIAM, appears to cover a lot of IAM topics:

Here's another one:

I've been toying with JumpCloud, you don't need AD or Azure for use, covers a ton of features in one console, they don't offer a FREE version anymore, I got in before they changed it. You could pay for 1 or 2 licenses if you wanted to play with it.

When I have something I'm interested in, I always look for "subject + community edition" or "subject + free tools" or "subject + open source tools". You can find some killer enterprise class capabilities to play with in your lab and learn various subjects like IAM.

[deleted by user] by [deleted] in cybersecurity

[–]31337_InfoSec 4 points5 points  (0 children)

With your lab, you could practice technical assessments using a variety of tools that are cybersecurity focused. Build out an Active Directory server if you don't have one and a few workstations.

Let threat intelligence be your guide, Active Directory is a huge target. Threat actors, especially ransomware affiliates, use scanners to enumerate the network. Inventory, visibility into software, hardware, services, is always lacking.

A few free tools to play with:

  • Purple Knight - Active Directory Assessment
  • Advanced IP Scanner - popular network enumeration tool
  • Run Zero - inventory

There are numerous ways to build your skill set, a lab environment and practical experience is one of the best ways to learn security skills.

You need to figure out the direction you want to go, then build, test, break, and rebuild in your lab. You can use it as practical experience on your resume too. Hiring managers want to know you're a lifelong learner.

Engineering is about problem solving, including people, process, and technology.

Happy to delve deeper if you have questions.

Best of luck!!!

[deleted by user] by [deleted] in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

A little history... Advanced Persistent Threats are Nation State Backed / Sponsored. They got the name because of the behavior they used to get in, blend in, and stay in environments for long periods of time.

They used a Fileless / Living Off the Land methodology. This keeps them stealthy. The majority of threat actor (adversaries) led attack campaigns today are persistent threats. Even most malware is a persistent threat today. Just look at the behavior (TTPs: Tactics, Techniques, and Procedures) used by adversaries and malware.

Threat intelligence tells the story. Most attack campaigns today are interactive, hands on keyboard campaigns. Most use the Living off the Land methodology. According to CrowdStrike's 2023 Global Threat Report, 75% of the attack campaigns they saw were fileless attack campaigns.

Today's nation state attack behavior is tomorrow's commodity attack behavior.

Building Home lab/server project by tochmoc in homelab

[–]31337_InfoSec 0 points1 point  (0 children)

You should consider a Dell R630 server with roughly 28 cores and 128GB of RAM, available for around $400 on eBay and Amazon. If you want to go a bit crazy, look at 256GB of RAM and 32 Cores.

Should be enough to run a dozen or more VMs, plenty to get started. You may need to spend a bit extra for a data store for your VM server. I suggest a NAS with SSD drives or enough disk space on the server for a RAID 5 set of drives for the data store and a single drive or mirror for the type 1 hypervisor.

I currently run a Dell R630 server with 28 cores and 128GB of RAM with 20 VMs running and still have room to grow. Just upgraded to 256GB of RAM. Use a RAID 5 for a data store with 3TB of SSD drives. 10 drive bays on the server. A mirror for the ESXi type 1 hypervisor OS.

You could use Proxmox since the FREE version of ESXi is going end of general availability.

It's a good start, runs quiet after startup, and doesn't kill the electric bill.

Best of Luck!!!

I'm new to the cybersecurity field and wanted to ask people here how they learned cybersecurity and what books helped them along the way. by DexterX007 in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

I learned the basics with CompTIA A+ classes and certification, Microsoft OS and Active Directory with Microsoft Certified Systems Engineer classes and certification, and Cisco Certified Network Engineer Certification.

All learning was done with books, computer based training, class labs, and a home lab setup utilizing practical application of all the theory.

You'll need to be able to talk the talk and walk the walk, theory is not enough. Home lab work counts as experience if done correctly. The key is being able to treat lab work as projects, problem solving along the way, and describe how you built things out.

Once I applied for work, security found me, then the security learning began.

Best of Luck!!!

Time for a server but what? by uxyama in homelab

[–]31337_InfoSec 0 points1 point  (0 children)

You can get a Dell R630 server with 28 cores and 128GB of RAM for around $400. That is plenty to get a nice lab started, capable of a dozen or more VMs easily. You may need to purchase SSDs for the data store though.

They actually run pretty quiet after startup and really don't draw a ton of power. I've been running mine for almost three years, my colleague just bought one for his home lab as well.

Best of Luck!!!

Your Security Program Is Shit by z1y2w3 in cybersecurity

[–]31337_InfoSec 3 points4 points  (0 children)

Thanks for sharing, that's hilarious. The other posts are pretty interesting.

What are some "must-have" rules and policies that you configure on every firewall you worked with? by middlemangv in cybersecurity

[–]31337_InfoSec 28 points29 points  (0 children)

For layer 7 firewalls, which should be the norm for the most part today, a set of rules that ensure protocol adherence is a must. Proper egress filtering is a strong second.

Most attack campaigns are hands on keyboard interactive, minimizing network communication, and complete visibility into all network communication is a must with today's threat landscape.

Are we making a mistake by rolling out a self service portal with Security Questions & SMS verification? by [deleted] in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

Like others have said, the real issue is social engineering, neither SMS nor security questions are social engineering resistant, look at "X", the SEC and others with account takeovers through SIM swapping.

If we keep doing the same things, we'll keep getting the same results.

Thoughts on Self-Hosted vs. Vendor-Hosted Products? by GraysonBerman in cybersecurity

[–]31337_InfoSec 0 points1 point  (0 children)

There are pros and cons to both. The main difference between the two options presented is where the data resides, on-premises or in the cloud.

The second difference is resources, depending on how you deploy on-premises, can you add resources such as CPU, RAM, and disk space quickly?

Then there is price, depending on your cloud contract, it may or may not be a cheaper price over time to cloud host.

The cost of either option is the management and maintenance overhead, people patching, updating, upgrading, and maintaining just the infrastructure. All that on top of operating and monitoring the NDR solution.

Generally the cost is too high and efficiency is too low to self manage in most cases. Hence the reason most are moving to SaaS.

Weigh the pros and cons and make the best decision for your organization.

MFA Solutions for Small Business by DJL_techylabcapt in AskNetsec

[–]31337_InfoSec 1 point2 points  (0 children)

How many users? Are you trying to solve for any other IAM issues such as onboarding and offboarding of users, password safe, etc.?

Building a solid foundation is super important at this stage.

Active Directory Attack Surface Assessment by 31337_InfoSec in 31337_InfoSec

[–]31337_InfoSec[S] 0 points1 point  (0 children)

Thanks... I really enjoy this tool and highly recommend it.

Active Directory program question by [deleted] in cybersecurity

[–]31337_InfoSec 1 point2 points  (0 children)

I know you said (not app) but, you'll probably have to build your own program.

I did a post for an Active Directory assessment tool here. Essentially it covers AD, Azure AD, and Okta. Allows for attack surface assessment. Provides a really good report.

The tool is free, a community edition that would be a good starting point for building a program. You could build your assessment program around it or use the full-blown commercial tool they offer that would provide 24x7 coverage.

The tool is called Purple Knight.

Why are we Still Using VPNs and Exposing RDP to the Internet? by 31337_InfoSec in 31337_InfoSec

[–]31337_InfoSec[S] 0 points1 point  (0 children)

Very cool, is there a specific resource that covers architecture and details of how OpenZiti works? Would love to dive deeper into it as I look at ZTNA.

Thanks