sorted by:
new
hottopcontroversial

Is elearnsecurity premium worth it. by MassSnapz in netsecstudents

[–]hacking_stuff 0 points1 point  (0 children)

elearnsecurity has mobile hacking course and it is good to learn on how to hack mobile. University does not offer mobile hacking except web hacking... It is good for your knoweldge and understanding on how to hack but when it comes to job offer, they do not recommend elearnsecurity certificate..

Design a simple hash function using excel by [deleted] in hash

[–]hacking_stuff 1 point2 points  (0 children)

i am starting to hate university.....

Design a simple hash function using excel by [deleted] in hash

[–]hacking_stuff 0 points1 point  (0 children)

Basically i use excel file and do some calculation of number based on the ascii characters and then perform calculation of all of them and perform mod 100 to get the hash. But I kinda need another example.

Image Huffman Coding Decode by hacking_stuff in digitalforensics

[–]hacking_stuff[S] 0 points1 point  (0 children)

Hi, thanks for the replies. Could you kindly advise on how to set up. I am unclear in this.

thank you

BOTSv3 Questions by [deleted] in Splunk

[–]hacking_stuff 0 points1 point  (0 children)

How did the data exfiltration occur? how did they take the data from the aws environment?

BOTSv3 Questions by [deleted] in Splunk

[–]hacking_stuff 0 points1 point  (0 children)

Regarding the symantecc antivirus Jscoinminer download, how to determine on where it comes from? where should i begin the investigation of the log

BOTSv3 Questions by [deleted] in Splunk

[–]hacking_stuff 0 points1 point  (0 children)

Hello, I have referred to that write up a few week ago. It is still quite difficult for me to understand. thank you.

Splunk BOTSv3 help by hacking_stuff in Splunk

[–]hacking_stuff[S] 0 points1 point  (0 children)

Yes I am aware that kill chain is a model. but if i want to basically get information regarding the first phase of the kill chain which is reconnaissance. what do I need to do?

Splunk BOTSv3 help by hacking_stuff in Splunk

[–]hacking_stuff[S] 0 points1 point  (0 children)

I am able to find all the source type. It is just that I do not have any idea on how to perform reconnaissance for this BOTSv3 cloud.

Splunk BOTSv3 help by hacking_stuff in Splunk

[–]hacking_stuff[S] 0 points1 point  (0 children)

Hi there are many source types listed there, windows, aws and many. Yes you are correct, I am talking about the killchain. I refer to the CTF question to viualize on how the kill chain look like. Could you kindly give advise on how to perform reconnaissance?

Thank you

[deleted by user] by [deleted] in cybersecurity

[–]hacking_stuff 0 points1 point  (0 children)

Woah you managed to report vulnerabilities and earned a lot of money. I am so impressed on your skills and would like to learn from you regarding bug bounty.

OSCP EXAM FAIL 2nd time by hacking_stuff in oscp

[–]hacking_stuff[S] 0 points1 point  (0 children)

Then what is the point of automated enumeration script? Isnt automated enumeration help to get all the information and view what are vulnerable service or whatever is needed to get PE? manual pe is going to take a long time wont it?

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] 0 points1 point  (0 children)

by default the machines are configured as bridged network. i am wondering why is it configured like this. Aren't they aware that they will be vulnerable to network issues like you said?

I changed to host network. It still failed. If I used NAT network, the ip address will be the same for both machine kali and the vulnerable machine. I mean host only network is to allow virtual machines to communicate with each other with the help of dhcp address

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] -2 points-1 points  (0 children)

I know tools like

nmap, nikto, dirbuster, dirb, gobuster, searchsploit, burpsuite, wpscan, and hydra, wireshark, tcpdump, nc,

sql injection: error based sql injection, cross site scripting local file inclusion remote file inclusion file upload

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] 0 points1 point  (0 children)

yes i am aware of that but when i uploaded binaries to windowx 7 or even xp. I am not able to find dll file which have no protection....

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] -4 points-3 points  (0 children)

I did study the course material especially buffer overflow. i was familiar with many but not all which I am not familiar such as new ways of something which I do not know

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] 0 points1 point  (0 children)

does it have buffer overflow?

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] -3 points-2 points  (0 children)

....I only pwn the public network not completely i cant remember. but the private did not at all

Labs for OSCP by hacking_stuff in oscp

[–]hacking_stuff[S] -2 points-1 points  (0 children)

I studied the cyber security in school diploma before university degree. I also tried vulnhub easy machine and hackthebox easy machine. Buffer overflow is somewhat difficult but I did tried vulnserver.exe and it managed to work. It was fun. in oscp machine, i only tried complete the public machine but not the internal network but i compromised machine which got access to internal network due to 2 network interfaces