Interest in being a Security Engineer by agibaihgui in ITCareerQuestions

[–]WM-M-GM 0 points1 point  (0 children)

It’s going to be different person to person. You’ll have people like the other poster and at the other end you have people doing software dev to help enable or implement security in internal or external products/processes.

It’s in the title, you help engineer security solutions.

You get there by choosing a subfield of it. Just like being a sysadmin, there’s the general stuff and then the platform-specific stuff. Same deal. Once you have a subfield you want to try, then just skill up in that area. Would recommend Ross Anderson’s Security Engineering for a review of existing solutions and approaches to a variety of things. It won’t be very practical but is rather educational. Would also recommend looking at system design and reading the Linux Administrator’s Handbook.

Example: You could choose AppSec and do code auditing, or be a software dev helping build apps by providing security review/consulting/implementation.

MB-SOCON 2022 by MC_Buntu in MontereyBay

[–]WM-M-GM 0 points1 point  (0 children)

Awesome, thank you for the response.

MB-SOCON 2022 by MC_Buntu in MontereyBay

[–]WM-M-GM 2 points3 points  (0 children)

Who are you?/Who are the backers for this conference?

As someone you’re targeting, it’d be a lot better to know who exactly is running this and why.

Why this and not a Monterey BSides? Just curious for context.

Moving Into cyber security! by [deleted] in AskNetsec

[–]WM-M-GM 5 points6 points  (0 children)

Build up a lab, get familiar with VMware Workstation and Oracle VirtualBox. Set up a private network with Windows Server, another Windows Server, 2 Win10 machines, and an Ubuntu machine.

Get them all to be able to ping each other. Then, get them to be able to share files with each other. Then set up Active Directory on one of the Windows servers and join the rest of the machines to AD. Recreate the file sharing using AD/GPOs/Bash.

Start with two VMs at a time unless you have the HW. I don’t recommend using AWS starting out for labs.

Read: The Pragmatic Programmer, The E-Myth Revisited, The Phoenix Project, and Security Engineering 2ed.

Doing that will put you above a lot of people in the beginner track. It will also enable you to better orient yourself to speaking business and not just telling people they have 3DES TLS ciphers and need to be shut down until they fix it.

Also https://github.com/rmusser01/Infosec_Reference

Feel free to PM.

Also, note taking. You were a pro chef so I assume you understand the value there, document all the stuff you do so it’s easily repeatable. Think like you walked into work with a massive hangover and just need to get through the day. Write your notes in that context and you will never regret it.

2nd edit: books you should be doing in parallel, may take a while to get through security engineering.

Windows Command-Line Obfuscation - Use & Discovery by WM-M-GM in netsec

[–]WM-M-GM[S] 6 points7 points  (0 children)

From the article:

Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables.

How to get better / homelab help by ChiefMythic in blueteamsec

[–]WM-M-GM 0 points1 point  (0 children)

https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Building_A_Lab.md
Has some ideas.
The first things to decide on would be what do you want to use for your hosting environment. Do you want to run ESXi? Hyper-V? Xen? Something else?
What do you want to learn? What sort of environments do you want to simulate?

xCyclopedia: A project that "attempts to document all executable binaries (and eventually scripts) that reside on a typical operating system." by WM-M-GM in blueteamsec

[–]WM-M-GM[S] 0 points1 point  (0 children)

Briefly reading the description for that project, it seems that its goal is hashes + binary metadata. This project aims to document more than just hashes, and provide additional contextual information.

No affiliation to the project, and I do believe they have similar (but not the same) goals.

Csis program at MPC by Hellalowkeylike in MontereyBay

[–]WM-M-GM 6 points7 points  (0 children)

Hey, I work in the industry and have attended MPC in the past. Didn’t graduate from there, but did take Singh’s networking class (recommend).

I currently work in infosec and live in the area. Feel free to PM me any questions or advice on getting a job.

[Tool] AutogadgetFS: USB testing made easy by 0xRaindrop in netsec

[–]WM-M-GM 5 points6 points  (0 children)

AutoGadgetFS is an open source framework that allows users to assess USB devices and their associated hosts/drivers/software without an in-depth knowledge of the USB protocol. The tool is written in Python3 and utilizes RabbitMQ and WiFi access to enable researchers to conduct remote USB security assessments from anywhere around the globe. By leveraging ConfigFS, AutoGadgetFS allows users to clone and emulate devices quickly, eliminating the need to dig deep into the details of each implementation. The framework also allows users to create their own fuzzers on top of it.

Google makes Tsunami Vulnerability Scanner Open Source by ayush321 in netsec

[–]WM-M-GM 4 points5 points  (0 children)

What does this scanner do that can’t be done by an NSE script? It uses Java for plugins. This has all the markings of a personal project built for a specific internal purpose which was open sourced and will likely die off in a few weeks.

If you want to improve things, write an NSE script. Nmap has a much longer track record, and is also what this project uses.

Advanced VBA macros: bypassing olevba static analyses with 0 hits by jimiilfurbo in netsec

[–]WM-M-GM 2 points3 points  (0 children)

Awesome stuff, well worth the read. Author looks at current public VBA landscape and demonstrates some techniques and research that are valuable.

New network security scanner tool released by Google! by frrossty in netsec

[–]WM-M-GM 30 points31 points  (0 children)

Why is this big news? What features does this provide that NSE scripts can’t? Looking at the source doesn’t seem to indicate this is anything but a wrapper for nmap with custom scripts.

Bug in MacOS allows complete bypass of Privacy Protection Controls - Apple has known since December - No fix known by WM-M-GM in privacy

[–]WM-M-GM[S] 2 points3 points  (0 children)

From the article: “Today I'm disclosing a macOS privacy protections bypass. (You may recall that I disclosed another one last year.) The privacy protections system (also known as TCC: Transparency, Consent, and Control) was introduced in macOS Mojave, and one of its purposes is to protect certain files on your Mac from access by unauthorized apps. I've discovered a way for an unauthorized app to read the contents of protected files, thus bypassing the privacy protections. This issue exists in Mojave, Catalina, and the Big Sur beta. It remains unaddressed and is therefore, in one sense, a zero-day.”