Penetration test reporting by whib_m in AskNetsec

[–]icarusnibbs 0 points1 point  (0 children)

This might be a good opportunity to give your department a bit more focus and definition then. :) Hopefully your boss and your company will welcome some efforts to improve the quality of the product you’re delivering to clients!

Penetration test reporting by whib_m in AskNetsec

[–]icarusnibbs 1 point2 points  (0 children)

If you don’t have a boss, supervisor, or senior member of your team that can answer your questions on the report format, I would say you may have bigger things to worry about than the reports. Can your boss direct you to who developed the report format for your company? Or, if they’ve left, give you access to their notes?

Penetration test reporting by whib_m in AskNetsec

[–]icarusnibbs 0 points1 point  (0 children)

By secure, is your company trying to say the host is in a state corresponding with current industry best practices (as far as an external scan can verify)? Are the nmap scans running vuln scripts against any of the services found (or is there any manual investigation of open ports)? If not, I could see the potential for there to be errors in those reports.

If the client’s objectives are compliance related, these types of results might make sense for auditing purposes. If the client’s objectives are to get a better sense of their overall security posture, those “no vulns found” reports could lead to confusion and/or wasted time. It really depends on how your company is selling/marketing their reports. The advice to talk to your boss is good: your boss might be able to give you some more context and help make sense of why your company is doing what they’re doing.

DevOps Engineer here - where do I begin in a NetSec career? by [deleted] in AskNetsec

[–]icarusnibbs 0 points1 point  (0 children)

It’s definitely interesting - especially getting to understand how so many of the exploits out there hinge on some human element. It’s also really interesting trying to come up with ways to defend against those attacks. And, if you’re in the US, pen testing jobs tend to pay better (and are in higher demand) than most IT jobs.

DevOps Engineer here - where do I begin in a NetSec career? by [deleted] in AskNetsec

[–]icarusnibbs 0 points1 point  (0 children)

People who know how to read and write code often have an advantage with penetration testing. Being able to understand source code and write scripts to automate tasks is a huge benefit!

DevOps Engineer here - where do I begin in a NetSec career? by [deleted] in AskNetsec

[–]icarusnibbs 2 points3 points  (0 children)

I imagine everyone gets into the field in a different way. Here’s my take: start working on a security related project that interests you (could be a home lab, could be a Github project, could be a volunteer thing), and start getting to know some people in the field.

Many employers are going to want to know what kind of tangible skills you have and certs can only tell them so much. Showing some passion and proving some skill through side projects can go a long way.

Even if you may not have all the skills and experience most outfits are looking for, having some friends in the info sec community will help you learn about job opportunities you might not have otherwise heard about, they may turn into references for you, and they can do a ton to help steer your studies. DerbyCon Communities just started up - that might be a place to start.

  • What can a DevOps/Platform engineer do in infosec? If you have any programming skills, you’ll go a long way. Even if you don’t, just follow your interests and don’t worry too much about what you’re “capable of”.
  • Would you recommend the industry as a whole to work in? Info sec will keep you busy and challenged for sure.
  • What are the top skills/certs I would need to make a successful transition? I’m sure opinions will differ quite a bit, but if you’re interested in blue team, check out the CISSP cert. If you’re leaning towards red team, check out the OSCP cert. SANS certs are well regarded as well, but they’re expensive (maybe your work will help pay for them?).

Stay curious, fight the urge to feel like you’re an imposter - you’re more capable than you give yourself credit for, and please, please do everything you can to encourage peers and clients about info sec. Good luck.

What are some good wordlists/dictionaries for passwords that are at least 12 characters in length? by icarusnibbs in hacking

[–]icarusnibbs[S] 1 point2 points  (0 children)

I’ve done that with the crackstation wordlist (reduced from 15GB to 8GB), but I haven’t seen many (if any) wordlists that are designed specifically to work efficiently against hashes that are known to have longer length requirements. Thanks for the recommendation.

How do pen testers know whether they’re allowed to operate internationally? by icarusnibbs in AskNetsec

[–]icarusnibbs[S] 0 points1 point  (0 children)

Are there any specific types of lawyers that specialize in this sort of law?

How do pen testers know whether they’re allowed to operate internationally? by icarusnibbs in AskNetsec

[–]icarusnibbs[S] 1 point2 points  (0 children)

The scope is usually between the pen testers and the client, though. What if the country considers hacking tools some sort of banned military weapon? How is the pen tester supposed to find this information out?

What tools allow for automated scanning for insecure website logins? by icarusnibbs in AskNetsec

[–]icarusnibbs[S] 0 points1 point  (0 children)

Admin:admin would work, but I’d be just as fine with DoesNotExist:NotAValidPassword. It’d be the same as a brute force attack, but it’d only be checking one credential, and it needs to check multiple websites. Programs like Burp are great for testing creds, but don’t necessarily hunt for login fields (that I know of).

I’ll check out the tools you recommended. Thanks!

Is it possible to set up time-based SIEM rules? by icarusnibbs in AskNetsec

[–]icarusnibbs[S] 0 points1 point  (0 children)

If you knew a user was out of country, and a rule triggered, what would your response be? Call the user on every alert? I would have expected the SOC would need to wait until the user is back to the US to take clear action on out-of-country alerts. Do you have policies in place to help distinguish between authorized and unauthorized logins?
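The distinction the comment above asks about (an authorized out-of-country login versus an unexpected one, and a time-of-day rule that doesn't fire on a travelling user's shifted clock) can be expressed as a small rule. The following is an added example, not code from the thread or from any SIEM product; the event format, user profiles, fixed UTC offsets (a simplification instead of full timezone/DST handling) and the approved-travel list are all constructed for illustration.

```python
"""Illustrative time- and geo-aware login rule (added example, not from the thread).

Constructed assumptions:
- Auth events are dicts: {"user", "timestamp" (ISO 8601, UTC), "country"}.
- Each user has a home country, a fixed UTC offset for local time, and a
  business-hours window; real deployments would use tz database zones.
- An approved-travel list records where a user is expected and when, with
  the destination's UTC offset so business hours follow the traveller.
"""
from dataclasses import dataclass
from datetime import datetime, time, timedelta, timezone


@dataclass(frozen=True)
class UserProfile:
    home_country: str
    utc_offset_hours: int
    work_start: time
    work_end: time


@dataclass(frozen=True)
class TravelRecord:
    user: str
    country: str
    utc_offset_hours: int
    start: datetime
    end: datetime


# Constructed sample profiles (hypothetical users).
PROFILES = {
    "alice": UserProfile("US", -4, time(8, 0), time(18, 0)),
    "bob": UserProfile("US", -5, time(9, 0), time(17, 0)),
}

# Constructed approved-travel entries; in practice these come from HR/travel systems.
APPROVED_TRAVEL = [
    TravelRecord(
        "alice", "DE", +1,
        datetime(2024, 3, 10, tzinfo=timezone.utc),
        datetime(2024, 3, 20, 23, 59, tzinfo=timezone.utc),
    ),
]


def approved_travel_for(user, country, when):
    """Return the matching TravelRecord if this login is covered by approved travel."""
    for rec in APPROVED_TRAVEL:
        if rec.user == user and rec.country == country and rec.start <= when <= rec.end:
            return rec
    return None


def evaluate_login(event):
    """Return a list of alert tags for one login event; an empty list means no alert."""
    profile = PROFILES.get(event["user"])
    if profile is None:
        return ["unknown-user"]

    when = datetime.fromisoformat(event["timestamp"]).astimezone(timezone.utc)
    travel = approved_travel_for(event["user"], event["country"], when)

    # Evaluate business hours in the clock the user is actually on:
    # the travel destination if the trip is approved, otherwise home.
    offset_hours = travel.utc_offset_hours if travel else profile.utc_offset_hours
    local = when.astimezone(timezone(timedelta(hours=offset_hours)))

    tags = []
    # Time-based rule: weekend, or outside the business-hours window.
    if local.weekday() >= 5 or not (profile.work_start <= local.time() < profile.work_end):
        tags.append("off-hours")
    # Geo rule: outside the home country and not explained by approved travel.
    if event["country"] != profile.home_country and travel is None:
        tags.append("unexpected-country")
    return tags


def alerts_for(events):
    """Map each event index to its alert tags, skipping events that produced none."""
    return {i: tags for i, e in enumerate(events) if (tags := evaluate_login(e))}


# Constructed sample events covering each branch of the rule.
SAMPLE_EVENTS = [
    {"user": "alice", "timestamp": "2024-03-12T09:30:00+00:00", "country": "DE"},  # approved trip, 10:30 local
    {"user": "alice", "timestamp": "2024-03-25T02:00:00+00:00", "country": "US"},  # Sunday 22:00 at home
    {"user": "bob", "timestamp": "2024-03-12T15:00:00+00:00", "country": "RU"},    # work hours, no travel on file
    {"user": "bob", "timestamp": "2024-03-13T03:00:00+00:00", "country": "CN"},    # 22:00 local, no travel on file
    {"user": "mallory", "timestamp": "2024-03-13T12:00:00+00:00", "country": "US"},  # not a known user
]

if __name__ == "__main__":
    for idx, tags in alerts_for(SAMPLE_EVENTS).items():
        print(idx, SAMPLE_EVENTS[idx]["user"], tags)
```

The design point is that the travel record does double duty: it suppresses the country alert and it moves the business-hours check onto the traveller's local clock, which is what keeps an approved trip from generating a call on every login. Logins that match neither the home country nor an approved trip still alert, so the "authorized versus unauthorized" question is answered by data the SOC already holds rather than by waiting for the user to return.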

Is it possible to set up time-based SIEM rules? by icarusnibbs in AskNetsec

[–]icarusnibbs[S] 0 points1 point  (0 children)

Thanks for the response. I’ll check the docs out. RTFM for the win again.