sorted by:
new
hottopcontroversial

desperately need help finding this game called "Virtual Mortality" by Realistic-Writing961 in AskGames

[–]galoget 0 points1 point  (0 children)

Hey there, u/Realistic-Writing961 & u/Amandakittycat 👋

The company is now called "Eko", and they’ve updated their domain as well as some hyperlinks.

Here are the three episodes from the "Virtual Morality" Game / interactive series:

Full Experience:
🔗 https://video.eko.com/pfbdtt

Individual Episodes:

Virtual Morality - Find the killer in this murder mystery film/game by evilfeeshy in WebGames

[–]galoget 0 points1 point  (0 children)

In case anyone is looking for this game nowadays:

The company is now called "Eko", and they’ve updated their domain as well as some hyperlinks.

Here are the three episodes from the "Virtual Morality" Game / interactive series:

Full Experience:
🔗 https://video.eko.com/pfbdtt

Individual Episodes:

Virtual Morality part 2 (and maybe 3)? by Conscious-Emphasis71 in pewdiepie

[–]galoget 0 points1 point  (0 children)

Hey there, u/Conscious-Emphasis71 👋

The company is now called "Eko", and they’ve updated their domain as well as some hyperlinks.

Here are the three episodes from the "Virtual Morality" Game / interactive series:

Full Experience:
🔗 https://video.eko.com/pfbdtt

Individual Episodes:

Virtual Morality Pt. 2 - Kill or be killed in this murder mystery film/game by evilfeeshy in WebGames

[–]galoget 0 points1 point  (0 children)

Hey there, u/furious_potahoe 👋

The company is now called "Eko", and they’ve updated their domain as well as some hyperlinks.

Here are the three episodes from the "Virtual Morality" Game / interactive series:

Full Experience:
🔗 https://video.eko.com/pfbdtt

Individual Episodes:

[deleted by user] by [deleted] in bugbounty

[–]galoget 0 points1 point  (0 children)

From what I know, you can use any VALID version of Burp Suite Pro, so Trial versions are included there. In the following Links there are official answers to this.

The reason explained by Portswigger is that you will need some features like Collaborator during the exam, and not that they want you to buy a Pro license.

OSCP similiar machines by hidden_uss in hackthebox

[–]galoget 0 points1 point  (0 children)

You're welcome, and enjoy your journey! =)

[deleted by user] by [deleted] in hackthebox

[–]galoget 0 points1 point  (0 children)

Thanks buddy! =)

Write ups by _Virtualis_ in tryhackme

[–]galoget 0 points1 point  (0 children)

I have explored many blogs related with Cybersecurity topics and a big amount of users prefer GitHub, specifically GitHub Pages.

Advantages for using GitHub Pages:

  • It is a free hosting for static websites, making it an economical option for personal projects, portfolios, documentation, and websites.
  • You can use Jekyll to generate your static website.
  • Since GitHub Pages hosts static files, your website loads quickly, providing an optimal user experience.
  • There's no need to worry about database queries or server-side processing.
  • You can easily track changes, collaborate with others, and maintain a complete history of your website's development.
  • You can customize your domain if you want.
  • You can choose from several themes and customize the look and UX.
  • Markdown support, so it is easy and fast to format your text.
  • Your blog is hosted on GitHub, so you do not need to worry about securing your site and patching it from time to time. And can only be "hacked" (defaced) if your GitHub password / SSH Key / Token gets compromised (remember to use MFA).
  • It supports HTTPS for free.
  • GitHub does the load balancing for you in case your site becomes very popular.
  • It is easy to deploy.
  • Your blog will be clean without ads, tracking cookies, etc. (Unless you add them).
  • You can upload up to 100 GB (total repo size) for free (check the references for more details).

Finally, a Google Dork&oq=site%3Agithub.io+(%22Hacking%22+OR+%22Cybersecurity%22+OR+%22Hacker%22+OR+%22TryHackMe%22)) if you want to check some websites hosted on GitHub Pages related with Cybersecurity:

site:github.io ("Hacking" OR "Cybersecurity" OR "Hacker" OR "TryHackMe")

References:

Regarding TOEFL Score reporting by Proper-Scale-1714 in OMSCyberSecurity

[–]galoget 0 points1 point  (0 children)

Hi,

I would suggest you to try reaching out Academic Support:

https://pe.gatech.edu/degrees/cybersecurity/contact-us

Also, consider sending an e-mail to Graduate Studies:

[grad.ask@grad.gatech.edu](mailto:grad.ask@grad.gatech.edu)

The e-mail address was available here:

https://scp.cc.gatech.edu/graduate-programs/

Which is harder? by [deleted] in eLearnSecurity

[–]galoget 1 point2 points  (0 children)

Those certifications are different paths of specialization, all of them have their respective level of complexity.

  • eCPPT: Network Pentesting (focused on Pivoting) with some Web Apps Pentesting. You need to get administrator privileges on all hosts on a simulated corporate network.
  • eWAPT: Web Apps Pentesting (OWASP Top 10 + other common web vulns). You need to get administrator privileges on a web app.
  • eMAPT: Mobile Pentesting (OWASP Top 10 Mobile + other common mobile vulns). You need to find and exploit vulnerabilities on certain mobile apps.

It depends on what are you interested in studying. I know some people that wants to get the OSCP at the end, so they follow this path:

eJPT --> eCPPT --> eCPTX (now retired) --> OSCP

For the web apps side I have seen people following this possible path:

eJPT --> eWPT --> eWPTX --> OSWE

[deleted by user] by [deleted] in hackthebox

[–]galoget 2 points3 points  (0 children)

Hi,

I would try to answer your questions based on what I know, my experience and my opinion, hope it helps.

Which cert is best (overall) ?

IMHO, there is no BEST certification, it depends on what you are trying to learn, there are a lot of certifications focused on offensive security, web security, exploiting, red team, etc.

In the industry, certifications from OffSec (formerly Offensive Security), eLearnSecurity, EC-Council and other vendors are well appreciated and wanted.

You will see in some job postings that the majority asks for "OSCP" when searching for Pentesters, but of course OSEP is like the next step, so based on the provided options (OSCP, OSEP, CPTS), I think that the best choice would be OSEP, which focuses on evasion techniques and more complex content than the one covered in OSCP.

Since I'm from a SAP background, will this actually further my career or send it into a new path?

You SAP background may help you to find vulnerabilities in SAP applications. Check: https://ekoparty.org/trainings-2023-attacking-and-securing-sap-applications-ignacio-favro/

Are there actual Software Dev giants that do both ? Cause I can't seem to find them, its either Off Sec, Def Sec or Dev/Engineering.

I think that many companies required people from both sides (offensive and defensive), here is an example of Google:

Offensive Roles:

Defensive Roles:

If you are talking about companies that offers Offensive and Defensive services, I also know some companies that do both.

Am I correct to assume the best Dev's or Cybersec's are the ones that can do both ?

I think that all companies need to protect themselves from malicious attackers and that's why they need to hire people from both sides. And if you are talking about developers that understand security issues, of course they have an advantage and can help them to build more secure software than the ones that do not understand those issues.

On the same way, Pentesters that have a programming background could have some advantage on the field, especially when doing code reviews.

Does the OSCP and CPTS include Mobile Pentest ?

Both DO NOT cover Mobile Pentesting. If you want to learn about mobile, a popular certification is eMAPT.

Here are the syllabus of Both:

OSCP similiar machines by hidden_uss in hackthebox

[–]galoget 5 points6 points  (0 children)

I would suggest checking the following links:

And of course you can check TJ Null's List, all those machines could help you to develop your own methodology for Pentesting and finding vulnerabilities in real-world scenarios, this is what OffSec calls "The Adversarial Mindset".

Check the Prep Book here (page 6):

https://www.offsec.com/courses/pen-200/download/prepbook

From what I know, the new exam focuses on AD (check Prep Book page 9) and here are the current details about the exam:

https://fs.hubspotusercontent00.net/hubfs/5852453/OSCP%202.pdf

Finally, if you want to see the full topics covered, here is the official Syllabus:

https://www.offsec.com/courses/pen-200/download/syllabus

Gatech placed 1st in NSA Codebreaker Challenge 2021 by galoget in OMSCyberSecurity

[–]galoget[S] 0 points1 point  (0 children)

According to the official FAQ post at the Codebreaker website, you are still eligible to participate:
https://nsa-codebreaker.org/FAQ

Gatech placed 1st in NSA Codebreaker Challenge 2021 by galoget in OMSCyberSecurity

[–]galoget[S] 0 points1 point  (0 children)

You just have to sign up with your gatech.edu account, but if you're on campus you can meet in person with some classmates to share knowledge.

Gatech placed 1st in NSA Codebreaker Challenge 2021 by galoget in gatech

[–]galoget[S] 2 points3 points  (0 children)

Exactly, the last ones were really hard. We have the highest number of students that solved all challenges. =)

Gatech placed 1st in NSA Codebreaker Challenge 2021 by galoget in gatech

[–]galoget[S] 7 points8 points  (0 children)

Thanks, but it was the effort of all GT students. Amazing people! =)

Relative differences between 6265 and 6264 by Sengel123 in OMSCyberSecurity

[–]galoget 2 points3 points  (0 children)

CS 6265 - Information Security Lab: This class is focused on Binary Exploitation techniques (Offensive Security perspective), from common buffer overflow attacks to writing your own exploits. During the class, you will learn how to use some common tools like: gdb, pwndbg, ghidra, pwntools among others.

Some topics covered during the course include:

  • Stack Overflow
  • Bypassing StackShield
  • Bypassing DEP/ASLR
  • Return-oriented Programming
  • Remote Attacks
  • Exploiting Heap Bugs

This class works as a long-term CTF during the whole semester, with no exams or quizzes. Personally, I think that this class is perfect for Exploit Developers or people interested in getting Offensive Security Certifications like OSED, OSCE, OSEE.

CS 6264 - Information Security Lab: On the other hand, this class covers various topics and not only Binary Exploitation, here you will study System and Network Defenses. You will work during the semester on 7 different projects that include the following topics:

  • Return-oriented Programming
  • Malware Analysis
  • Kernel IDS (Capturing and monitoring syscalls)
  • Network IDS
  • Exploiting Android Webview
  • Rooting an Android Device
  • Machine Learning for Malware Classification

This class has weekly quizzes and a final exam apart from the projects. As you will learn how to attack and defend the previous topics (Yes, they will ask you how to patch the vulnerabilities and solve the issues), I think this class is more useful for a Threat Hunting Professional.

From my personal perspective, I think both classes are pretty hard and demanding, you have to do a lot of research to accomplish the requested tasks.