Technique, Tool and Lecture #8

Technique: One line dash loop for running CLI tools on Kali for IP in $(cat ~/Desktop/target); do nikto -host $IP >> ~/Desktop/nitko-output; done; Tool: Nikto Lecture: Drinking from the caffeine firehose we know as shodan https://www.youtube.com/watch?v=5cWck_xcH64 Check out all the entries of this series! Technique Tool and Lecture #14 Technique Tool and Lecture … Continue reading Technique, Tool and Lecture #8 →

Difference between Ethical Hacker, Boug Bounty(ier), Penetration Tester, Security Consultant and Security Researcher

Let me first say that most of these terms are used interchangeability by the majority of outlets (especially media) incorrectly Please note this is VERY incomplete and I will continue to update this as time goes by Types of "Hacker" -- Whitehat Grayhat Blackhat -- Ethical Hacker: Type: Whitehat or Grayhat Someone who actively monitors … Continue reading Difference between Ethical Hacker, Boug Bounty(ier), Penetration Tester, Security Consultant and Security Researcher →

So you want to be a penetration tester, security consultant, ethical hacker, red teamer or any other offensive cyber security professional? #3

It's Story time 🙂 For a few summers before I got into the industry I worked at a retail store. On my first day they locked me in the managers office (who was away on vacation) to do some online training. One of the big trainings was about cyber security. This was the funniest thing … Continue reading So you want to be a penetration tester, security consultant, ethical hacker, red teamer or any other offensive cyber security professional? #3 →

Technique, Tool and Lecture #7

Technique: Google Dork for getting results consisting only of IP addresses. You have to include 2 octets but then can use * for the right. For example if I'm looking for data on 103.10.1.1/16 I can do site:103.10.* or site:103.10.*.* Remember * aren't wildcards but they are as close as you'll get. Also remember that … Continue reading Technique, Tool and Lecture #7 →

So you want to be a penetration tester, security consultant, ethical hacker, red teamer or any other offensive cyber security professional? #1

This one is going to be quick, that is because I'm just linking my lecture where I go over where higher education and academia as a whole should move towards as well as provide a general overview of what it means to work professionally within offensive cyber security. Consider this my kick-off post for further … Continue reading So you want to be a penetration tester, security consultant, ethical hacker, red teamer or any other offensive cyber security professional? #1 →

Burp Suite Extensions

Burp Suite is definitely the most used tool for me on a daily basis since I started my new job. Which is funny in a way because in my old job, I found myself relying too heavily on it and trusting it way too much. That said, it is also my favorite tool. Don't get … Continue reading Burp Suite Extensions →