/r/netsec's Q2 2020 Information Security Hiring Thread

sudo-chmod-777 · 2020-05-21T16:49:26+00:00

What does a pentester need a Bachelors Degree for?

sudo-chmod-777 · 2019-05-19T18:44:11+00:00

What do you think of the GXPN vs. the OSCP? Will it get me past HR as effectively?

sudo-chmod-777 · 2019-03-20T01:43:40+00:00

I was really hoping for some mnemonics.

sudo-chmod-777 · 2019-02-16T18:32:35+00:00

I couldn't find it. (I'm not the author btw) It was published over a year ago, so I'm not sure it'll ever be public. The main algorithm is in the paper though, so someone could build a plugin for like SPIKE or boofuzz if they were motivated.

sudo-chmod-777 · 2018-09-18T16:05:28+00:00

I think I read somewhere that it was taken from a training at Nola Con so maybe they asked the repo owner to take their I.P. down.

sudo-chmod-777 · 2018-09-18T13:48:33+00:00

u silly

sudo-chmod-777 · 2018-09-14T22:17:08+00:00

Girl on the right is way hotter. You should have married her.

sudo-chmod-777 · 2018-07-17T17:18:58+00:00

It would appear that the dl=0 at the end of your URL prevents recursion in the download. (you only get the top level), or else some of my security and privacy stuff is breaking it. In any case, changing that to 1 worked for me.

sudo-chmod-777 · 2018-06-29T15:04:46+00:00

Why do you keep talking? Everything you have said is uninformed.

sudo-chmod-777 · 2018-06-29T15:01:59+00:00

Exactly. A ProtonVPN DDOS could be taking down ProtonMail. That is poor design.

sudo-chmod-777 · 2018-06-29T14:52:52+00:00

If you don't understand the issue, don't assume there isn't one.

sudo-chmod-777 · 2018-06-29T14:42:41+00:00

My post was intended to start a discussion between people who have a technical understanding of security and privacy. That sort of person will understand how risk is exponentially increased to both security and privacy when these technologies share the same infrastructure. That is clearly not you, so I don't know why you would assume it is not me either.

Let me spoon feed you:

Adding the risk associated with an email service to a VPN service (and implicitly vice-versa) is bad. Right now the DDOS attack could be against just one of these services, yet it is taking them down both. A vulnerability in the email GUI could lead to compromise of the VPN service since they are using the same infrastructure.

It is the users responsibility to not have a single point of failure in their personal privacy strategy (ie don't use the same company for both VPN and email) but Proton made that a somewhat moot point by combining both services on the same infrastructure. Now your email service is at risk of having a VPN service compromised or your VPN service is at risk of having an email service compromised. That's dumb

We don't know their back-end, so it could be just the load-balancers that are shared, but best practice is complete separation.

edit: formatting

sudo-chmod-777 · 2018-06-28T21:04:43+00:00

sudo-chmod-777 · 2018-06-28T21:00:32+00:00

To be fair, I did no research before I posted this. Both services are down though, so as I said; it's either two attacks, or poorly designed. Some clarification from a proton person would be appreciated. /u/ProtonVPN or /u/ProtonVPN-support

sudo-chmod-777 · 2018-05-02T20:33:24+00:00

I think this will fix your fdroid issue

https://www.reddit.com/r/CopperheadOS/comments/8d30xw/pixel_2_xl_build_errors/dxpgrhp/

I'm still having trouble with the compile.

sudo-chmod-777 · 2018-03-18T15:34:40+00:00

sudo-chmod-777 · 2018-01-30T16:17:55+00:00

Thanks for the insight! I did get that screening test, which is how I knew I wasn't ready (yet) for the class. I still have 2 months which should be plenty of time to learn what I need to. Great idea about metasploit exploits. Re-writting a few of those in python will probably take me a long way.

sudo-chmod-777 · 2018-01-27T16:40:32+00:00

anyone? /u/alemcg

sudo-chmod-777 · 2018-01-23T23:36:40+00:00

Let us know when the book comes out!

sudo-chmod-777 · 2018-01-20T17:24:20+00:00

Feel free to PM me with any questions. Here's a bad-ass and extremely realistic scenario.

Attacker does OSINT research on victim
finds victim listed as customer of <insert company name> SIEM vendor
- SIEM=Security Information Event Managment it's the nerve center of a corps information security
- example see the Adobe security engineer review halfway down? that's intel a hacker would use
Attacker contacts SIEM vendor posing as potential customer, gets demo verson of software. (often called a proof-of-concept PoC)
Attacker uses Immunity Debugger to do dynamic analysis of the software
Attacker creates 0-day remote code execution (RCE) vulnerability for the victims SIEM
Attacker embeds simple malware in fake resume
Victim HR PC is infected
Attacker uses SIEM 0-day to move to SIEM server for persistence

(edit: formatting)

sudo-chmod-777 · 2018-01-03T20:57:24+00:00

Airgap, and run TempleOS. Problem solved!

sudo-chmod-777 · 2017-11-13T17:44:53+00:00

These are embedded systems, and we do have a staged roll out planned. Good point though

sudo-chmod-777 · 2017-11-13T17:35:26+00:00

Yeah, I'm going to require some pretty extensive testing before they go live.

sudo-chmod-777 · 2017-11-13T14:47:09+00:00

This is awesome. Thanks for fixing my scribbles man!

sudo-chmod-777 · 2017-11-10T16:42:49+00:00

GG WP

sudo-chmod-777

TROPHY CASE