apiratemoo, 4 months ago to hacking

I found this article refreshing for its honesty.

On a side note, have you noticed how many “training” sites there are now? It’s almost like people are making more money teaching hacking than actually doing it."

I agree, but it's worth noting the education market has been saturated with non-material, often designed as a ploy to encourage spending for a very long time now.

A cogwheel grift to get people spending.

Training resources (and the industry) suffer from the following issues:

• Redundancy
• Unnecessary word bloat
• Staleness to dynamic alternatives
• Outdated and unrealistic

https://assume-breach.medium.com/im-not-a-pentester-and-you-might-not-want-to-be-one-either-8b5701808dfc

#hacking #infosec #informationsecurity #penetrationtesting #pentesting
#hack

BishopFox, 7 months ago to AWS

Get a crash course into the world of #AWS cloud security in this interview with @sethsec and @hashishrajan of @cloudsecpod.

Expect insights into the differences between #cloud penetration testing and other forms of #penetrationtesting, how to ensure AWS cloud #pentesting is effective, and more.

https://bfx.social/49iQ6RZ

ChristinaLekati, 7 months ago to OSINT

📚New Blog!
The 2nd part of my "Corporate #OSINT for #SocialEngineering" article is now published.
This blog focuses on the physical perimeter of an organization.
It discusses some of the OSINT techniques used in the planning and preparation of in-person, social engineering attacks.

As security professionals, the goal is to proactively follow the same process a threat actor would to identify information that exposes potential vulnerabilities in our organization’s physical perimeter, and to manage those vulnerabilities.

My hope is that you'll proactively test those resources.

Need more help in getting the full picture on the information that is available about the physical perimeter of your organization? Feel free to reach out!

#opensourceintelligence #physicalsecurity #cybersecurity #cybersecuritytraining #cybersecurityawareness #penetrationtesting #attacksimulation

https://christina-lekati.medium.com/corporate-osint-for-social-engineering-physical-security-3d17f0a29849

krelnik, 8 months ago to security

Some #AppSec wisdom I overheard in a client meeting this week: “Every app is a legacy app once it has gone live.” #Security #ApplicationSecurity #PenetrationTesting #InfoSec

onrust, 9 months ago to security

Tech friends: Have you ever gotten ‘security researched’ or pen tested by a company that you thought didn't suck? At my org we’re on the lookout for a penetration testing service from a security company, but so far it’s been hard to find one that meets our requirements

Any recommendations welcome! <3

#PenTesting #PenetrationTesting #security

deepsec, 9 months ago to random

DeepSec 2023 Talk: Horror Stories from the Automotive Industry – Thomas Sermpinis
In this talk, we will revisit some of the scariest stories we faced during over 50 penetration testing and security research projects, with a twist. In the ever-emerging industry of automotive, with old and new O
https://blog.deepsec.net/deepsec-2023-talk-horror-stories-from-the-automotive-industry-thomas-sermpinis/
#Conference #AutomotiveIndustry #AutomotiveSecurity #DeepSec2023 #PenetrationTesting #Talk

heiseonline, 9 months ago to hacking German

Last Call: Webinar-Serie Ethical Hacking für Admins – Lerne Pentesting und mehr

In fünf Webinaren, vom 4. September bis 9. Oktober, lernen Interessierte das Handwerk des Penetration Testers. Damit sind Sie Angreifern einen Schritt voraus.

https://www.heise.de/news/Last-Call-Webinar-Serie-Ethical-Hacking-fuer-Admins-Lerne-Pentesting-und-mehr-9219980.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Hacking #PenetrationTesting #news

heiseonline, 10 months ago to hacking German

Ethical Hacking für Admins: Lerne Pentesting und mehr in der Webinar-Serie

In fünf Webinaren, vom 4. September bis 9. Oktober, lernen Interessierte das Handwerk des Penetration Testers. Damit sind Sie Angreifern einen Schritt voraus.

https://www.heise.de/news/Ethical-Hacking-fuer-Admins-Lerne-Pentesting-und-mehr-in-der-Webinar-Serie-9219970.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Hacking #PenetrationTesting #news

itnewsbot, 10 months ago to random

Sleuth Untrusted USB Communication with USBValve - USB devices are now ubiquitous and, from an information security standpoint, this ... - https://hackaday.com/2023/07/16/sleuth-untrusted-usb-communication-with-usbvalve/ #penetrationtesting #peripheralshacks #raspberrypipico #securityhacks #i2coled #malware #tinyusb

heiseonline, 10 months ago to hacking German

Ethical Hacking für Admins: Lerne Pentesting und mehr in der Webinar-Serie

In fünf Webinaren, vom 4. September bis 9. Oktober, lernen Interessierte das Handwerk des Penetration Testers. Damit sind Sie Angreifern einen Schritt voraus.

https://www.heise.de/news/Ethical-Hacking-fuer-Admins-Lerne-Pentesting-und-mehr-in-der-Webinar-Serie-9197546.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Hacking #PenetrationTesting #news

fosslife, 11 months ago to security

Check out open source recon tools for pen testing https://www.fosslife.org/10-open-source-recon-tools-pen-testing #recon #PenetrationTesting #security #networking #tools #PenTesting #OpenSource

ljrk, 1 year ago to random

So, apparently #sales produced a presentation on #PenetrationTesting that I'm supposed to hold... with a lot of garbage slides. Great!

I do not dislike sales people per-se, but please ask us what our job is instead of second-guessing it and producing a, excuse my language, a steaming pile of shit. :-(

4ndr34z, 1 year ago to infosec

Added a PowerShell version too.
https://GitHub.com/4ndr34z/ntlmthief

#infosec #penetrationtesting #NTLMRelay #ntlm