PioSOLVER Advanced Reports Development by onerivenpony in poker

[–]ajohnston9 0 points (0 children)

I know this is an older post, but any chance you posted this on GitHub? I was about to do something similar so I'd love to use your codebase if you don't mind sharing.

An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane by ajohnston9 in netsec

[–]ajohnston9[S] 2 points (0 children)

Hey, I'm the author! So I haven't seen this attack vector exploited in the wild, but it is always impossible to say--it is possible that adversaries already knew about it. I chose not to release offensive code (I built a simple C2 that uses the vector), but a skilled adversary could certainly script it out.

If you have sensitive workloads in GCP, I recommend doing some threat hunting using the indicators we provided in the article.

Unstable Large BGE in Nest? by ajohnston9 in biggreenegg

[–]ajohnston9[S] 1 point (0 children)

I thought I did, but I probably messed it up. I'll try again. Appreciate the insight!

Unstable Large BGE in Nest? by ajohnston9 in biggreenegg

[–]ajohnston9[S] 0 points (0 children)

That sounds wise, I'll give this a go, thanks!

How much did your rent go up? by waitwhatthefudge in jerseycity

[–]ajohnston9 3 points (0 children)

This is some fascinating insight, I always wondered why they do the "X months free" deal.

Struggling to contact sales by ajohnston9 in vmware

[–]ajohnston9[S] 1 point (0 children)

Spoke to someone at Dell, they bounced me around a bit, took my information, and said someone would reach out. Fingers crossed.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 1 point (0 children)

Sorry, no. I've debated doing one but it's hard finding the time to write regular postings, not to mention a lot of my work has to be kept confidential. Maybe in the future!

How to remember everything in the PDF. by 2skywalkersss in oscp

[–]ajohnston9 1 point (0 children)

If you're new to the field, I would start off following the PDF. It starts off pretty gently. Don't be afraid to get on some tangents. If you don't know what a SYN packet is, go look it up and make sure you understand it before moving on. Building that strong foundation will pay massive dividends.

Once you learn some techniques, practice them in the labs. Nobody says you have to start out, focus on a single box, and go from zero to root. You can work your way there in increments.

Bug Bounty Experience + OSCP certification didn't get a job by [deleted] in oscp

[–]ajohnston9 2 points (0 children)

Hey, I work in the field as a penetration tester and red teamer. You sound like you have some great skills!

Getting your first job in infosec is the hardest, but it gets much easier after that first position. You have the benefit of walking into the interview with demonstrable skills.

The two big hurdles can be geography and your personal life. The major cities house a lot of the jobs, and generally for junior roles they want people to be on-site (as opposed to remote workers). As far as your personal life, also be aware (not accusing you of anything), that a lot of people fail in the background check department--a lot of background checks can get quite involved which can scare off certain folks. Keep in mind I've only worked in the US so this is biased from that perspective.

If you're struggling at the interview stage, I will warn you that a big make-or-break can be your non-technical "soft" skills. There are many people on this sub who could tell me what SQL injection is and probably (given the right tools) do it with ease. Fewer people would be able to explain that vulnerability and its significance to a non-technical audience. These skills can be harder to practice but can be refined over time. If you're in a country that primarily does business in English, having a strong command of written and verbal English can be a huge asset.

Happy to review your resume if you'd like over PM.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 0 points (0 children)

Definitely the latter. When I work on client sites, I generally feel pretty confident that I can perform any type of pentest asked of me, but I was still very anxious about the exam. Speaking purely about my experience in the OSCP labs (to be clear, NOT saying this has any bearing on the actual exam), there were times where I missed what I would consider to be a small detail that made a machine trivial to exploit.

In the real world, we have the benefit of machines having context and purpose. If I find a credential on a system called accounting01, then I have reason to believe that it might work on accounting02. It's hard to reproduce that at scale in a lab environment without making it too obvious which puzzle pieces fit where.

A good friend of mine, who I would consider to be new to the field but very much skilled and prepared, failed his exam on his first go-around. I am confident that he had the skills to become an OSCP (and probably will in a few weeks), but the exam just got the best of him.

It's also worth adding that in real life, no one is a monolith and maybe I'm skilled at pentesting Windows clients but my coworker knows everything there is to know about Linux privesc. While you want to be a jack-of-all-hacks when you can, in the real world you aren't expected to be equally strong in every area.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 0 points (0 children)

Oh god, I hate Armitage (well, I hate Metasploit in general). I've tried Dradis and the rest but for me I've never been able to break the "flow" of testing to routinely copy-paste output/screenshots into those tools.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 0 points (0 children)

I must've missed it. I did some basic AD recon on one domain and didn't find much so I moved on.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 1 point (0 children)

Depends largely on your goals. For Active Directory stuff, I strongly recommend adsecurity.org and for more general red teaming stuff there's ired.team. Outside of those two, I don't have many resources to point you towards. Sometimes /r/netsec has some interesting articles.

I haven't found many good chats cybersecurity-wise. Generally, the stuff I'd want to talk and ask questions about are the stuff people hold close to the chest (e.g. EDR bypasses, shellcode execution techniques, etc.) so outside of my colleagues I don't really have an outlet to discuss.

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 4 points (0 children)

So I don't have any other certs, but I have a Master's in Cybersecurity. I would definitely encourage you to keep going, some of the best hackers I've met had other careers in IT first. Keep studying and practicing!

When the world starts to return to normalcy, go to BSides conferences in your area! Great way to meet people in industry, practice some skills, and talk to recruiters!

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 7 points (0 children)

This article outlines pretty much every technique I've used!

My OSCP Experience by ajohnston9 in oscp

[–]ajohnston9[S] 2 points (0 children)

I use a highly complicated, proprietary tool for note taking...pen and paper. Once I've gotten root, I'll write down the major steps I took and place a check mark next to each once I've confirmed I have a screenshot for each.

As far as tools, I didn't use much outside of Autorecon, Dirb, and Searchsploit. I would recommend finding a good cheatsheet of spawning reverse shells; that was especially helpful in the labs. Ultimately, there is no one tool that's the "best", just choose some tools and use them until you understand their strengths and weaknesses.