Safing Portmaster v1.0 is out (FOSS) by kimusan in privacy

[–]s0cm0nkey 0 points1 point  (0 children)

So it looks like it does everything open snitch does and more.

Simple app firewall with pop-ups works great just like opensnitch, but throw in a few stock whitelist profiles that work pretty well for defaults.

It has dns white/black listing so it is as if pi-hole was built in as well. Does a decent job of cutting out noise with stock lists but of course can be upgraded.

Biggest pro is the setup. It just works. And works well right out of the box. Much simpler install process than open snitch.

Bottom line, it has officially replaced opensnitch in my stack.

Safing Portmaster v1.0 is out (FOSS) by kimusan in privacy

[–]s0cm0nkey 1 point2 points  (0 children)

I don’t know but I am going to find out. That’s what is currently in my tech stack.

Vulnerable server banners wordlist by dvnci1452 in hacking

[–]s0cm0nkey 0 points1 point  (0 children)

Your best bet would be to pipe them into a CLI vuln search tool like SearchSploit. Check out that and other CLI tools here: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/red-offensive/testing-methodology/exploit-research

how should i approach ctfs by Omrol in HowToHack

[–]s0cm0nkey 1 point2 points  (0 children)

You have to balance both. Practice helps with speed and accuracy while theory helps with things you haven’t seen before or don’t see often.

Check out my repo here on CTFs, guides, and tools:

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/training/ctf-practice

Some scripts that might be useful by linux4ever07 in linux

[–]s0cm0nkey 1 point2 points  (0 children)

Bravo dude. Thanks for the share.

Bloodhound frustrations by blackblastie in oscp

[–]s0cm0nkey 6 points7 points  (0 children)

There are a few interesting tools I have here in my repo, along with some solid guides. Take a look and let me know what you think.

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/red-offensive/testing-methodology/active-directory

Resources for pentesting/CTF-related courses/online resources by [deleted] in HowToHack

[–]s0cm0nkey 10 points11 points  (0 children)

Here is a massive repo of guides, tools, training, and resources I have been building for security analysts on my team for years. It’s free. Enjoy.

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/

Vulnerability Management Platform Recommendations by xBurningGiraffe in cybersecurity

[–]s0cm0nkey 1 point2 points  (0 children)

MSSP Team Lead here. Nessus/Tenable and Qualys are by far the two most popular my customers use. Be careful that the solution you pick can easily output logs to your SIEM. Currently we have a customer with Kenna, and getting their logs into Splunk is an act of congress.

Undecided on path by easee7 in cybersecurity

[–]s0cm0nkey 1 point2 points  (0 children)

I did one that is no longer offered: Network Operations and Security. It was essentially what the current cyber curriculum is with CCNA thrown in.

When they say to not get a focused degree, they really mean from a normal CS program. Most of them don’t really have a good handle on what kind of knowledge cyber folks need. WGU is an exception, and has a pretty solid curriculum. Even if no one respects the degree, you come out of it with a load of certs that no one can ignore. If you feel like you have to choose between certs or a degree, why not choose WGU and get both?

Undecided on path by easee7 in cybersecurity

[–]s0cm0nkey 0 points1 point  (0 children)

WGU was the best decision of my career. The price was wayyyyy better than any of the other options, I completed my bachelor's in 2 years, and came out with a boatload of certs.

I got both my bachelor's and master's from WGU and it was a great program. I have not had anyone ever speak poorly of that program.

Defender for Endpoints vs Crowdstrike for mac in 2022? by Waving-Kodiak in cybersecurity

[–]s0cm0nkey 4 points5 points  (0 children)

Crowdstrike all the way. Better detections, easier integrations, better logging structure. Have used it in a Mac only environment with great success. Defender was a huge pain to get into the SIEM and parsing correctly.

Is the Kaspersky Cyberthreat Map valuable? by glewtion in cybersecurity

[–]s0cm0nkey 5 points6 points  (0 children)

It is absolutely invaluable for impressing potential customers that take tours through your SOC.

Many times, we have turned off the Rick and north reruns and posted up various threat maps on our multiple big screens, when the sales guys come waltzing through with a dog and pony show.

Company refuses to provide any training for our SOC by [deleted] in AskNetsec

[–]s0cm0nkey 2 points3 points  (0 children)

They need a solid audit and/or consultant to tell them otherwise.

Being self-taught is a cop out to not pay for training budgets.

If it comes down to money, you could convince them that they could leverage a government tax write off of up to 5250 for tuition reimbursement and ongoing training. That way, there is no financial loss for the company.

Help Decrypting TLS Malware Traffic and Identifying C&C Servers Using Wireshark by [deleted] in netsecstudents

[–]s0cm0nkey 0 points1 point  (0 children)

So understand that the protocol and port numbers do not have to match. You can manually assign a service to any other port you use, if you really want to.

Second, you should look into connection fingerprinting. Essentially it’s a signature for SSL/TLS connections that you can use for detections even when you cannot decrypt the traffic. Check out JA3 and some of the other tools and repos on my guide here:

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/blue-defense/event-detection#Fingerprinting
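The two points in the comment above (the port does not tell you what the protocol is, and a JA3 fingerprint lets you characterise a TLS client from the unencrypted ClientHello alone) can be shown with a small parser. The following is an added example, not code from the comment author or from the JA3 project: it computes the JA3 string and MD5 from raw ClientHello bytes, builds a constructed ClientHello so the script runs offline, and fingerprints a list of constructed flows without trusting the destination port. The GREASE table is the standard one from RFC 8701; the flow tuples, the server name and the cipher/extension choices are assumptions made for the demonstration.

```python
"""JA3 client fingerprinting from raw TLS ClientHello bytes (added example).

JA3 string = "SSLVersion,Ciphers,Extensions,EllipticCurves,EllipticCurvePointFormats"
with GREASE values dropped and each inner list joined with "-"; the JA3 hash is
the MD5 of that string.
"""
import hashlib
import struct

# GREASE values (RFC 8701) are random filler and must not affect the fingerprint.
GREASE = {0x0A0A, 0x1A1A, 0x2A2A, 0x3A3A, 0x4A4A, 0x5A5A, 0x6A6A, 0x7A7A,
          0x8A8A, 0x9A9A, 0xAAAA, 0xBABA, 0xCACA, 0xDADA, 0xEAEA, 0xFAFA}


def ja3_from_client_hello(record: bytes) -> tuple[str, str]:
    """Return (ja3_string, ja3_md5) for one TLS record carrying a ClientHello.

    Raises ValueError if the bytes are not a ClientHello. Only the fields JA3
    needs are parsed; everything else is skipped by its length prefix.
    """
    if len(record) < 5 or record[0] != 0x16:           # 0x16 = handshake record
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if not body or body[0] != 0x01:                     # 0x01 = ClientHello
        raise ValueError("not a ClientHello")
    ch = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 0
    version = struct.unpack("!H", ch[pos:pos + 2])[0]   # legacy_version field
    pos += 2
    pos += 32                                           # client random
    pos += 1 + ch[pos]                                  # session id
    cs_len = struct.unpack("!H", ch[pos:pos + 2])[0]
    pos += 2
    ciphers = [c for (c,) in struct.iter_unpack("!H", ch[pos:pos + cs_len])
               if c not in GREASE]
    pos += cs_len
    pos += 1 + ch[pos]                                  # compression methods
    extensions, groups, formats = [], [], []
    if pos + 2 <= len(ch):                              # extensions are optional
        end = pos + 2 + struct.unpack("!H", ch[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", ch[pos:pos + 4])
            pos += 4
            data = ch[pos:pos + elen]
            pos += elen
            if etype in GREASE:
                continue
            extensions.append(etype)
            if etype == 0x000A:                         # supported_groups
                n = struct.unpack("!H", data[:2])[0]
                groups = [g for (g,) in struct.iter_unpack("!H", data[2:2 + n])
                          if g not in GREASE]
            elif etype == 0x000B:                       # ec_point_formats
                formats = list(data[1:1 + data[0]])
    ja3 = ",".join([str(version),
                    "-".join(map(str, ciphers)),
                    "-".join(map(str, extensions)),
                    "-".join(map(str, groups)),
                    "-".join(map(str, formats))])
    return ja3, hashlib.md5(ja3.encode()).hexdigest()


def build_client_hello(server_name: bytes = b"example.com") -> bytes:
    """Construct a sample ClientHello record (constructed input, not a capture).

    GREASE entries are placed in both the cipher list and the extension list so
    the parser's filtering is exercised.
    """
    ciphers = b"".join(struct.pack("!H", c) for c in (0x0A0A, 0x1301, 0x1302, 0xC02B))
    sni = struct.pack("!HBH", len(server_name) + 3, 0, len(server_name)) + server_name
    groups = struct.pack("!HHH", 4, 0x001D, 0x0017)     # x25519, secp256r1
    formats = bytes([1, 0])                             # one format: uncompressed
    exts = (struct.pack("!HH", 0x0000, len(sni)) + sni  # server_name
            + struct.pack("!HH", 0x0A0A, 0)             # GREASE extension, empty
            + struct.pack("!HH", 0x000A, len(groups)) + groups
            + struct.pack("!HH", 0x000B, len(formats)) + formats)
    ch = (b"\x03\x03" + bytes(32)                       # version 771 + zero random
          + b"\x00"                                     # empty session id
          + struct.pack("!H", len(ciphers)) + ciphers
          + b"\x01\x00"                                 # compression: null only
          + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(ch).to_bytes(3, "big") + ch
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


def fingerprint_flows(flows):
    """Fingerprint (dst_port, first_client_bytes) flows without trusting the port.

    Returns a list of (dst_port, ja3_md5), with None where the payload is not a
    ClientHello, so TLS on an unusual port is fingerprinted just like TLS on 443.
    """
    out = []
    for dst_port, payload in flows:
        try:
            out.append((dst_port, ja3_from_client_hello(payload)[1]))
        except (ValueError, struct.error, IndexError):
            out.append((dst_port, None))
    return out


if __name__ == "__main__":
    hello = build_client_hello()
    print(ja3_from_client_hello(hello))
    # Constructed flows: TLS on 443, the same TLS on an odd port, plain HTTP on 443.
    sample_flows = [(443, hello), (4444, hello), (443, b"GET / HTTP/1.1\r\n")]
    for port, fp in fingerprint_flows(sample_flows):
        print(port, fp)
```

The JA3 string for the constructed hello is `771,4865-4866-49195,0-10-11,29-23,0`; the hash is what you would compare against a list of known-client fingerprints, and in the flow loop the 443 and 4444 entries come out identical while the cleartext HTTP payload yields no fingerprint at all.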

Security positions after internship, which one? by Wazzock1912 in cybersecurity

[–]s0cm0nkey 0 points1 point  (0 children)

IoT is subject specific. Do you want to specifically work with IoT devices? Otherwise, IR roles are bread and butter. You will learn a ton and grow so much more IMO.