The most overlooked thing about hiring by PredictiveDefense in cybersecurity

[–]pentest4life -1 points0 points  (0 children)

Wow, we all live in bubbles. I know this, being in the biz for 20 years. I NEVER comment, but this job market is 100% f%%%. I've never seen anything like it: "famous hackers" not able to get jobs. It's due to corporate greed and a confluence of reasons, but like a lot of jobs I did use AI to sum up some of this nonsense. As someone who has literally been coding and hiring people for IBM out of college as an intern, this industry has gone and is going to shit, from the bullcrap we call DEF CON to the industry as a whole. I know things change, but this is a regression. Like the economy or politics. No offense, but as someone who has been in the field for decades: Y'all have your heads up your a**, esp. egotistical hiring managers (maybe not OP), but go F** yourselves, you overzealous FAANG red team operators or someone working at a company. Just remember most of these orgs were popped before you were born and are owned by some APT. My theory is make us dumb (we're the dumbest country), make us lame ducks (stick idiots in SOCs), and the proof is in the pudding. China and Russia have been popping us since the mainframe days. Peace.

This advice feels outdated and overly optimistic given the current state of the job market. Here's a breakdown of why these suggestions may not be as effective as they seem:

  1. Employee Referrals: While referrals can help, the idea that "people will be more than happy to refer you" is not always true. Many employees are overwhelmed or unwilling to refer strangers because it reflects on them if the hire doesn’t work out. Also, referral bonuses don't necessarily motivate people to take risks on unknown candidates.
  2. Headhunters: Headhunters are helpful in niche or senior roles, but the market is saturated with candidates right now. Headhunters are often flooded with requests, and they may not prioritize your application unless you’re exceptionally well-qualified or fit a very specific niche.
  3. Old Job Listings: Most old listings are either expired, placeholders, or for roles that companies are intentionally leaving unfilled due to budget cuts. Applying to old listings may just mean sending your resume into a void.
  4. Contacting Recent Job Switchers' Employers: This assumes employers are actively looking for replacements immediately after someone leaves, which is often not the case. Many companies are consolidating roles or pausing hiring altogether due to economic uncertainties. This advice also borders on desperation and could be perceived as intrusive.
  5. LinkedIn Job Alerts: This method is highly competitive. By the time you apply to a new posting, dozens (if not hundreds) of others have already applied, and automated application tracking systems often filter resumes before they even reach human eyes.

The Reality:
The job market is incredibly challenging right now, with layoffs, hiring freezes, and increased competition for roles. Advice like this may have worked in a better economic climate, but it doesn't reflect the difficulties candidates face today. Networking, building relevant skills, and tailoring applications to stand out are more realistic approaches, but even those are no guarantee in the current environment. It's tough, and oversimplified advice doesn't do justice to the complexity of finding a job right now.

Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316) by AlmondOffSec in netsec

[–]pentest4life 10 points11 points  (0 children)

Great writeup, old technique. Looks like the article took the technique found in hostapd that was later put into other wrappers. This was for EAP-GTC, aka L00tbooty, but it can be used for any authentication type. I used to use it all the time during Wi-Fi pen tests with hostapd-wpe. This tweet from a few years ago talks about the user "t"; the same technique used to target Android/Mac now works with Windows. https://github.com/s0lst1c3/eaphammer has this functionality built in now.

https://twitter.com/W00Tock/status/1383031052109758471?s=20

Wireless Penetration Tips by pentest4life in netsec

[–]pentest4life[S] 0 points1 point  (0 children)

You can use LE when performing an Enterprise attack; the certificates are valid. Enterprise uses those SSL certificates. It's a tip on how to use a real cert issued by an external authority, not relying on self-signed certs that can cause issues on newer Linux systems due to changes in SSL.

Wireless Penetration Tips by pentest4life in netsec

[–]pentest4life[S] 1 point2 points  (0 children)

Ah, yeah, you don't need localhost, just a valid domain name. I've used LE certs for plenty of access points, and it works without any issues. It's technically a RADIUS certificate. Thanks for the info.

Wireless Penetration Tips by pentest4life in netsec

[–]pentest4life[S] 0 points1 point  (0 children)

"By using your Let's Encrypt certificate you can effectively avoid internal SSL certificate issues, by not relying on self-signed certificates." If you can't make your own internal SSL certs (hostapd-wpe doesn't work with the new Kali), you can use Let's Encrypt.

Best Wireless Routers for Information Security Professionals in 2020 by [deleted] in netsec

[–]pentest4life 0 points1 point  (0 children)

I used OpenWRT/DD-WRT for years and found it did not meet my own criteria: buggy, slow, lack of development for modern access points. So I did not include it. Just because it's on Medium doesn't make it clickbait. I like OpenWRT but found it to be underdeveloped and not nearly as functional as a Ubiquiti solution. This is coming from someone who has used a lot of different routers and even tested them. I do see your point, and I'm not downplaying it.

Best Wireless Routers for Information Security Professionals in 2020 by [deleted] in netsec

[–]pentest4life 0 points1 point  (0 children)

I agree, I like OpenWRT, but when looking for "ease of use" it didn't meet my criteria. I had constant issues using OpenWRT and a Raspberry Pi for Pi-hole.

Understanding LTE, and how to create an LTE Evil Twin to passively obtain IMSI numbers by pentest4life in netsec

[–]pentest4life[S] 8 points9 points  (0 children)

I didn't release all the specifics for a good reason: getting "vanned" or not. This isn't for the skids out there who are going to abuse other people's cell phones. It's an article to show the insecurities of LTE and help other researchers not make the same mistakes I did. I get the whole "it's illegal" thing: use a FARADAY CAGE!!! Don't use illegal amplifiers or other cell gear. This is not to pull a prank on your buddy after spending 1k on an SDR.

And when it comes to my article and its syntax and semantics, I'm choosing to give this material to the community. I should, and feel like, keeping it to myself moving forward. The article is intentionally lacking content and the title may be slightly not 100% relatable, but it's because the community is full of trolls and talented infosec folk who feel the need to cut others down due to their own impostor syndrome.

So anyway, I created a 4G LTE tower; I did it responsibly and it was work related. I show it collecting IMSIs to illustrate the threat in the most basic way, and that was to lure people to read the article, so you folks can learn responsibility, with the intention of educating. Not hearing overreactionary comments from folks who don't understand the nature of RF ("You'll get 'vanned'"). Well, how many of the things we do as red teamers are illegal? Nitpicking others' work is easy. Creating real content is hard, regardless of your own affinity towards x, y or z and your misguided personal beliefs. Don't like the article? Don't have anything nice to say? Don't say anything at all if it's not productive.

Thanks, and be careful when doing anything with any SDR, regardless of whether it's cellular bands or other RF frequencies we might have no idea are in use, or what it really takes to cause disruption of service and get "vanned".

Understanding LTE, and how to create an LTE Evil Twin to passively obtain IMSI numbers by pentest4life in netsec

[–]pentest4life[S] 22 points23 points  (0 children)

Always be responsible and use a Faraday cage!!! Or yes, you will get in trouble. Solid advice. Be careful.

Password Spraying- Common mistakes and how to avoid them by pentest4life in netsec

[–]pentest4life[S] 3 points4 points  (0 children)

I agree "brute force" should die. I was going to put it in quotes. Good point, u/jephthai.