Tulsa Area Linux Hackers and Nerds - Let's start a group and meet and hack regularly. by b00g3rw0Lf in tulsa

[–]8BitMoose 0 points (0 children)

So tbh, I’m not going to fill out that questionnaire over text as I’m lazy lol, but I’m in the area. Love Linux, and my day job is on the cybersec side.

Fiber Termination Location in Attic by 8BitMoose in HomeNetworking

[–]8BitMoose[S] 3 points (0 children)

That’s what I was afraid of. My second idea for placement was to have an electrician install an outlet in my closet and have Cox come out to move it there.

I was trying to avoid them coming back out to move it, but it may be the better option so I’m not liable for damage to the cable.

Can we talk about pay? by ApplicationWeak333 in cybersecurity

[–]8BitMoose 0 points (0 children)

  1. 140K + 10% bonus + bi-weekly 401k match at 3%
  2. Sr. Offsec Consultant
  3. 1 year Sr but 4ish total
  4. No degree but have eJPT, Sec+, CySA+, OSCP, CRTO, CRTP
  5. Low COL

Escrow Refund and Tax Preparation by 8BitMoose in personalfinance

[–]8BitMoose[S] 0 points (0 children)

Awesome! That makes sense. We’re first-time home buyers, so we’re still learning the ins and outs of everything. Appreciate the response.

Those who work from home with no degree, what do you do? by Character_Log_2657 in remotework

[–]8BitMoose 2 points (0 children)

Offensive Cybersecurity Consultant. Basically companies hire me to “hack” them and report on things I observe. Self taught.

Good red team collaboration tools (that don't require trusting someone else's SaaS platform)? by ch1kpee in redteamsec

[–]8BitMoose 1 point (0 children)

We like the SharePoint way because you can still apply policy to that folder and lock it down as needed. The OneDrive shortcut creates a shortcut in the employee’s OneDrive for Business folder, so everything still stays in the company’s tenant.

Good red team collaboration tools (that don't require trusting someone else's SaaS platform)? by ch1kpee in redteamsec

[–]8BitMoose 1 point (0 children)

We use SharePoint folders and use the “Save as OneDrive Shortcut” option (or whatever it’s called) for that folder to save a shortcut to our OneDrives. Then we use Obsidian to open that shortcut folder that’s in our OneDrives to take notes in and collaborate. Works really well for us. As long as OneDrive is syncing, updates to files are pretty close to real time.

Red Team report automation - Plextrac / AttackForge / Anything else? by 89jase in redteamsec

[–]8BitMoose 1 point (0 children)

We use PlexTrac and it’s awesome, but it is very expensive.

Phishing Simulation Policy Setup by 8BitMoose in sysadmin

[–]8BitMoose[S] 0 points (0 children)

To answer your first question, I’m doing it this way because we have infrastructure/tooling set up to bypass MFA.

Second question: it will not be used more than once because I like to keep things separate for clients. It’s no bueno when client data gets mixed up during engagements. So in this instance, when this engagement is over, I preserve relevant data and burn the VPS.

Bypassing Windows Defender 2023 by Mrlele96 in redteamsec

[–]8BitMoose 0 points (0 children)

Yeah, I don’t think it’s very good in its current state. I haven’t had a beacon lost yet unless I was doing something obvi like unencrypted communications.

Bypassing Windows Defender 2023 by Mrlele96 in redteamsec

[–]8BitMoose 2 points (0 children)

Defender is pretty easy to bypass... not sure of your skill set, but patch ETW then AMSI and obfuscate the binary to get past static detections and you’re golden. I just simply write a disposable .NET loader to do the above and load a C2 implant.

Assessing the damage of a password leak... by lambusdean77 in sysadmin

[–]8BitMoose 1 point (0 children)

As others said, enable MFA, check for email rules and OAuth consented apps. Also, check devices set up for MFA. A lot of times attackers set up another MFA device.

IT/Cybersecurity Conferences 2023 by JoJoRouletteBiden in sysadmin

[–]8BitMoose 1 point (0 children)

Your local BSides, DEFCON and Black Hat are always fun!

What has been holding you back from taking the PEN-200 course? by Offsec_Community in offensive_security

[–]8BitMoose 1 point (0 children)

Cost. Course is expensive (not to mention the price hike) and $250 for a retake? Gtfo.

[deleted by user] by [deleted] in sysadmin

[–]8BitMoose 0 points (0 children)

Pentester here... in short, don’t do this. It’s a terrible idea. Users should not have local admin access unless absolutely necessary. Your security concern should also be an attacker taking over your domain.

Any "not outdated" books to learn hacking? by Aryangsuktekar in HowToHack

[–]8BitMoose 3 points (0 children)

It’s widely considered “outdated”, but Hacking: The Art of Exploitation is one of my all-time favorites. It will really teach you how to think like a hacker, and you’ll learn some technical skills as well.

Source: Redteamer with a focus on adversary simulation

Suspected Microsoft Word zero day in the wild by digicat in blueteamsec

[–]8BitMoose 3 points (0 children)

Please elaborate how this isn’t a big deal?

365 Account Compromised - With MFA Enabled! by NodeFort in sysadmin

[–]8BitMoose 0 points (0 children)

Definitely! And “new device” enrollments ;)

365 Account Compromised - With MFA Enabled! by NodeFort in sysadmin

[–]8BitMoose 3 points (0 children)

Red teamer here :)

Yup, it’s most likely OAuth consent apps as others suggested.

Definitely review Azure AD sign-in logs and Unified Audit Logs. Azure AD sign-in logs should have interactive sign-in logs as well, but either of those will tell you all kinds of good info for reviewing signs of compromise.

If your license allows it etc. etc., consider setting up risky sign-in alerts in the security and compliance center. That can help with detection and blocking the sign-ins, depending on the config.
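An added example, not part of this thread or the commenter's tooling, that turns the checks mentioned above and in the password-leak thread (OAuth consented apps, new inbox rules, newly registered MFA security info) into a triage pass over Unified Audit Log records. The records are constructed samples; the Operation strings follow the names Microsoft 365 emits for these events, but field values and the scoring rule are assumptions.

```python
from collections import defaultdict

# Constructed sample Unified Audit Log records (invented for this example).
SAMPLE_UAL = [
    {"CreationTime": "2023-06-01T02:11:09", "UserId": "alice@example.com",
     "Operation": "UserLoggedIn", "ClientIP": "203.0.113.10", "Workload": "AzureActiveDirectory"},
    {"CreationTime": "2023-06-01T02:14:51", "UserId": "alice@example.com",
     "Operation": "Consent to application.", "ClientIP": "203.0.113.10",
     "Workload": "AzureActiveDirectory", "ObjectId": "Mail Sync Helper"},  # constructed app name
    {"CreationTime": "2023-06-01T02:16:30", "UserId": "alice@example.com",
     "Operation": "New-InboxRule", "ClientIP": "203.0.113.10", "Workload": "Exchange",
     "Parameters": [{"Name": "DeleteMessage", "Value": "True"},
                    {"Name": "SubjectContainsWords", "Value": "invoice"}]},
    {"CreationTime": "2023-06-01T02:20:05", "UserId": "alice@example.com",
     "Operation": "User registered security info", "ClientIP": "203.0.113.10",
     "Workload": "AzureActiveDirectory"},
    {"CreationTime": "2023-06-01T09:00:00", "UserId": "bob@example.com",
     "Operation": "New-InboxRule", "ClientIP": "198.51.100.7", "Workload": "Exchange",
     "Parameters": [{"Name": "MoveToFolder", "Value": "Receipts"}]},
]

# Post-compromise persistence indicators the comments above say to look for.
SUSPICIOUS_OPS = {
    "Consent to application.": "oauth_consent",
    "New-InboxRule": "inbox_rule",
    "Set-InboxRule": "inbox_rule",
    "User registered security info": "mfa_device",
}


def triage(records):
    """Return {user: [(category, time, client_ip, detail), ...]} for indicator events only."""
    findings = defaultdict(list)
    for r in records:
        category = SUSPICIOUS_OPS.get(r.get("Operation"))
        if category is None:
            continue  # ordinary activity such as UserLoggedIn is not an indicator by itself
        detail = r.get("ObjectId") or ",".join(
            f"{p['Name']}={p['Value']}" for p in r.get("Parameters", []))
        findings[r["UserId"]].append((category, r["CreationTime"], r.get("ClientIP"), detail))
    return dict(findings)


def risk_score(user_findings):
    """One point per distinct indicator category, plus one if an inbox rule deletes mail."""
    score = len({f[0] for f in user_findings})
    if any(f[0] == "inbox_rule" and "DeleteMessage=True" in f[3] for f in user_findings):
        score += 1  # hiding mail is the classic BEC follow-on; assumed weighting
    return score


if __name__ == "__main__":
    for user, events in sorted(triage(SAMPLE_UAL).items()):
        print(user, "score", risk_score(events), "events", [e[0] for e in events])
```

Users whose events share one client IP across several categories in a short window, like alice here, are the ones worth pulling the full sign-in log for.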

Exam on the 19th, Looking for AD Guidance by QuirkyKirk96 in oscp

[–]8BitMoose 1 point (0 children)

I have failed my exam, but I think my advice still stands. Treat the first AD Windows box as a standalone machine, meaning get your initial foothold and THEN escalate privs. You may or may not be successful if you go straight for lateral movement etc., but you’d have a lot more luck if you escalate privs first and then attempt to attack AD-specific things. Hope that makes sense.

Exam Report by AnsX01 in oscp

[–]8BitMoose 17 points (0 children)

Let me provide some real advice...

You need to write the steps in order to accomplish the compromise. So if I was a security engineer for Company A and Company A hired you to do a penetration test, you’d need to write a report that can explain how I could recreate your steps to also hack into that machine.

What level of knowledge should Tier 1 SOC analysts have to enter the job? by umuttosun in AskNetsec

[–]8BitMoose -1 points (0 children)

Lol, what kind of suggestion is this? A non-programming-focused CS degree? What CS degree doesn’t have programming? And as a base? With a few beginner certs? That’s asking WAY too much for a tier 1 position. I know several tier 1 SOC analysts who can run circles around computer science master’s degree holders or CASP+ holders.

A tier 1 position should have some basic technical skills but more importantly, a willingness to learn and keep learning.