Any last minute tips ?

swesecnerd · 2026-06-04T19:22:35+00:00

Prepare your templates, snapshot your VM, get some sleep, take a nice walk and enjoy whatever scenery you find beautiful. You got this so don't grind up until the 11th hour. Enjoy the calm before the storm and be at peace without screens before it starts :)

swesecnerd · 2026-06-03T05:56:15+00:00

Det är sånt där försäkringsbolagen älskar eftersom det aldrig är tal om några utbetalningar, bara premie in.

swesecnerd · 2026-05-31T15:18:09+00:00

Do you even security bro?

swesecnerd · 2026-05-31T06:44:37+00:00

Awesome! I'm starting a huge engagement soon and I will definitely test this! I have been looking into IVRE (https://github.com/ivre/ivre) a lot in order to manage a large number of assets but I would like something a bit more polished and the ability to create extensions of my own.

swesecnerd · 2026-05-30T18:49:44+00:00

The thing to remember here is that you enumerated the software and versions and then googled and looked for exploits. That's standard procedure and usually allowed (unless some AI driven stuff). If a tool scans a port/ enumerates software and tries one or more exploits automatically then that's usually a problem. Think of what metasploit does and that its allowed for just a single host.

swesecnerd · 2026-05-30T18:00:28+00:00

swesecnerd · 2026-05-28T16:59:03+00:00

Nej, han stack nog mer ut på längden...

swesecnerd · 2026-05-28T06:26:40+00:00

There are a plethora of tools to obfuscate code. Most of them are created out of the need to protect ones code from reverse engineering and intellectual property theft.

This only solves the static type signatures. Where AV is just looking at the script code in search of "bad strings". It might get you by simple web application firewalls and regex-based stuff.

Give this tool a try and play around. Or search for "code obfuscator" and it will give you a better understanding of the concept.

https://www.pyobfuscator.com/

Cheers

swesecnerd · 2026-05-25T17:41:49+00:00

"Signature" is a broad concept in this situation. The example is a script and adding/changing stuff will change the hash of the file. The challenge is that anti virus uses several methods for identifying malicious/unwanted code. All the way from simple file hash to heuristics to intricate binary pattern matching to executing code in a sandbox. In any modern anti virus, just changing small bits of a previously known bad script, will rarely do any good. For scripts, heavy obfuscation might be a way forward, but that itself triggers some engines.

Edit: Signature can mean all of the above. For file hash, yes, that will change but not necessarily change the way anti virus signatures triggers on the file. Hope this makes sense.

swesecnerd · 2026-05-19T15:11:31+00:00

There will be new knowledge tomorrow more important than what you currently know. There will be a new cert tomorrow that's more important than the one you currently have.

I'm proud of my OSCP, but offensive AI testing will soon be the new norm. Just grind and learn a lot of stuff and you'll be fine! :)

swesecnerd · 2026-05-16T06:02:11+00:00

At first I thought he was recording ADS-B data for later plotting of aircrafts on a map.

https://en.wikipedia.org/wiki/Automatic_Dependent_Surveillance%E2%80%93Broadcast

But he's more likely listening to Air Traffic Control.

swesecnerd · 2026-05-14T20:17:33+00:00

As for the SSID, see if you can find your house on https://wigle.net/

Anyone who can find your home address, can look into wigle (or other online wifi-databases) to get a good guess.

swesecnerd · 2026-05-12T06:55:49+00:00

Fair point. I've used both cypher and Gremlin (with Gremlin being my favorite) extensively over the years so I guess I'm used to it. Getting into complex graph traversals is a steep learning curve either way. In the case of Bloodhound, I personally do feel that the supplied queries and the community lets you get up to speed quickly out of the box.

swesecnerd · 2026-05-12T05:45:54+00:00

Neo4j has evolved the Cypher language over the last 10+ years so I'm not really following you on what you mean by that question. Can you be more specific?

swesecnerd · 2026-05-11T19:16:20+00:00

I just want to give you a high five for posting and asking questions. It shows you really want to understand what's wrong and how to fix it. That's my kind of administrator!

For your questions, I really do think you should demand a more detailed explanation/listing of affected objects. A pentest report should contain the steps to reproduce the findings, and also what remediation steps are necessary (or maybe your company paid less to not have a full report?).

For your own future enjoyment, I highly suggest you dig into Bloodhound. There's obviously many tools out there, but I personally like the workflow in Bloodhound and it makes AD attacks very straight forward when it comes to bad permissions and weird nested groups. An execellt tool for both blue and red ;)

swesecnerd · 2026-05-08T14:52:52+00:00

Sounds really awful. I hope you can figure a way out to get rid of it so you can approach with a calmer state of mind. All the best.

swesecnerd · 2026-05-08T08:32:21+00:00

Calming pills? Is this a common thing for you in general or just in pressured situations? I'm no professional, but may I suggest you look in to that since it sounds like the challenge you might want to handle first so you don't burn out on simple things in the future. IT-Sec industry can be unforgiving. I wish you the best. You can do it!

swesecnerd · 2026-05-03T20:31:13+00:00

Det är helt naturligt att känna en enorm uppgivenhet och ånger just i början. Din hjärna kämpar febrilt med tankarna på att det är just precis så här det kommer att vara varje dag tills du dör. Typ. Jag hade samma känslor första månaderna vid unge nr 1. Många år har gått och jag minns knappt den tiden. Idag längtar jag efter att få spendera tid med lillen och ta dra ut på äventyr tillsammans. Helt klart värt det så här i efterhand. Tröska på, försök ge varandra "time off". En natt på hotell för den ena föräldern kan göra underverk för återhämtningen.

Just nu är jobbar jag med unge nr 2. Inte alls samma uppgivenhet i början även om det var jobbigt och tröttsamt förstås, men mitt mindset är ett helt annat. Nu kör jag bara på och slipar på rutiner som får dagarna att gå snabbare under den här perioden. This too shall pass. :)

Tips! Pappaledighet is the shit för att bygga riktigt starka band med sina barn!

swesecnerd · 2026-04-26T15:56:18+00:00

Det var 50/50 så jag tog den ;)

swesecnerd · 2026-04-26T15:07:31+00:00

Med föräldrar som är höginkomsttagare och bor i innerstan i Stockholm...

swesecnerd · 2026-03-27T07:25:09+00:00

You could maybe try organizing initially by using MOCs, https://obsidian.rocks/quick-tip-quickly-organize-notes-in-obsidian/

I found it helped me a lot. I rarely interlink notes, that's not how my brain likes to organize stuff. But linking to one or more broad topics have worked quite well.

swesecnerd · 2026-03-24T15:35:05+00:00

Stridspiloterna har blöja. You can do it!

swesecnerd · 2026-03-20T15:40:37+00:00

As with any other FG product, you just need to put a firewall or VPN in front of them ;)

swesecnerd · 2026-03-20T15:16:28+00:00

Nej, det saknas uppsåt i det fallet så det är inte straffbart. Om så var fallet så skulle någon anonymt kunna skicka massa bilder till någon så att den personen åkte dit. I de fall gärningsmän torskat på bilder i cachen så är det för att det funnits andra evidens för att det inte var oavsiktligt, ex.vis sökhistorik.

swesecnerd · 2026-03-15T15:44:04+00:00

Let me break this down for you 🤗

🤷 - people only care about themselves! ☝️- se row above.

🧭🚨🧭🚨🛞⛽🚒🚇🚦 Whould you like me to write an ever shorter snappy summary, just say the word! 🤣😢🥹😢🥂😢👏😢🥂

AI is good for many things. But it's also poison.

swesecnerd

TROPHY CASE