PNPT Exam review and how did I approach the exam. Delivered by @TCMSecurity @thecybermentor #Cybersecurity #hacking

I must start saying that this exam was great. I started doing practical exam during my Novell eDirectory 991 course back in the days. And I loved them. This is another exam that I must say goes to my heart. I love the practical stuff. One other thing to say about this exam is that... Continue Reading →

Review on Practical Web Application Security and Testing from @TCMSecurity and @mttaggart learn @owasp #hacking #education #almostfree

Hi! I do this one more time then I need to go back to the original schedule read here : https://blog.invid.eu/2022/01/06/my-ocsp-and-pnpt-journey-from-the-beginning-during-and-i-hope-the-end-tcmsecurity-thecybermentor-offsectraining-pnpt-oscp-joplinapp-reconmap-bhinfosecurity-strandjs-hacking-pentesting/ I did find this course very helpful so I need to say a few words. This course was amazing. One thing stands out from any other web course. After you finish the course you... Continue Reading →

Review on Practical Malware Analysis & Triage from @TCMSecurity and @HuskyHacksMK #malware #hacking #education #almostfree

Hi It is not often I do a post a review of  web courses except in my journey post https://blog.invid.eu/2022/01/06/my-ocsp-and-pnpt-journey-from-the-beginning-during-and-i-hope-the-end-tcmsecurity-thecybermentor-offsectraining-pnpt-oscp-joplinapp-reconmap-bhinfosecurity-strandjs-hacking-pentesting/ But I did find this course so dam good that I need to shout it out. This course was amazing. I learned alot, new stuff for me. Matt Kiely  @HuskyHacksMK who was the teacher is amazing,... Continue Reading →

Governance, Risk and Compliance (GRC) Analys Master Class with @Gerald_Auger #SimplyCyber @NIST #cybersecurity #education

I did take a small break today from Offensive Security today and found a realy nice course, not so practical but still very important. If some of below words is picking your brain this course is for youA Cybersecurity Primer, Compliance and Audit Work, Security Awareness Work, Cybersecurity Risk Work, Information Security Governance Work, Getting... Continue Reading →

Eat, Drink, Sleep and Shit security. How in a “easy” way keep you updated on what is happening out there. @BHinfoSecurity @ActiveCmeasures @WWHackinFest @intigriti #security #knowledge

How do you keep you updated on what is happening out there, I have some tools and workflow that will keep you busy. One thing you need to think about, not everything on the internet is the truth.The hard thing here is that there is endless information out there, but yo do not need to... Continue Reading →

My OCSP and PNPT journey from the beginning, during and I hope “the end”. @TCMSecurity @thecybermentor @offsectraining #PEN-100 #PEN-103 #PEN-200 #PEN-203 #WEB-100 #SOC-100 #PNPT #OSCP @joplinapp @reconmap @BHinfoSecurity @ActiveCmeasures @WWHackinFest @strandjs #hacking #pentesting

Intro Hi all! My plan is that under 2022 to take OSCP and PNPT exam. To get the full picture we start from the beginning. Why do I post this? Share knowledge is the simple answer, and I am getting old so I need to document everything I do. I think this is a good... Continue Reading →

CEH Master, LPT, eJPT and eCPPTv2. My thoughts about the exams ,courses and how I got there. @ECCOUNCIL @eLearnSecurity @ReadynezSocial @hackthebox_eu @RealTryHackMe @BHinfoSecurity @RedSiege @WWHackinFest @ActiveCmeasures

I am gonna try to explain how my dedicated my life to work and what it takes for me to get this far. This is gonna be about the penetrations exams that I took, but I would not have passed these if I did not took the Novell Netware Networking course back in the days.... Continue Reading →

Passing the eCPPTv2 certification from eLearnSecurity. 10 answers for you to pass the exam. Thanx to @eLearnSecurity @RealTryHackMe #eCPPTv2 @thecybermentor #infosec #hacking #pentest #pentesting #redteam #hackthebox #linux4hackers #blackbox

Got the eCPPTv2 Certification today. Nice way to start the year with. 7 days of penetration testing and 7 days of report writing. Total of 14 days. This is the schedule that you get. The penetration test is in form of black box. You can use what tool you want. Why invent the wheel again?... Continue Reading →

Why would you use masks with hashcat when you crack hashes in brute force mode. @hashcat #LINUX4HACKERS #HASHCAT #LINUX #INFOSEC #HACKING #PENTEST #PENTESTING #REDTEAM #NVIDA #TESLAM60 #NTLM #BRUTEFORCE

In this post I will try to explain why it is important to use masks when you crack password from hashes with hashcat. The machine that I run hashcat on has 2 Tesla M60 card and running Linux. Why do I not use longer password in this test, I do not want to wait 7... Continue Reading →

How to export/crack SAM database with internal Windows tools if you do not have access to mimikatz / hashdump / metasploit. As a bonus we also look at cached domain hashes. #LINUX4HACKERS #HASHCAT #LINUX #INFOSEC #HACKING #PENTEST #PENTESTING #REDTEAM #NVIDA #TESLAM60

Hi! I wanted to dump hashes on a Windows 10 box without any external tools. This is how I did it. We start at first with the short version Export SAM with reg.exeConvert SAM with impacket-secretsdump to get to the hashesUse hashcat to crack the hashes We start first with exporting the sam database with... Continue Reading →

Using MindMap application when doing pentest or ctf! Up for you to decide. #MindMaps #freesoftware #kali #linux4hackers #linux #infosec #hacking #pentest #pentesting #redteam @kalilinux #ctf #bugbountytips @insilmaril

I was thinking about a nice and easy way to save a penetration test and come up with this.Use a MindMap application.There is a alot of MindMap application out there. I am running Linux on my machine so I ended up with VYM. (http://www.insilmaril.de/vym/)The nice thing about VYM is that it is free and comes... Continue Reading →

How to get IPv6 and IPv4 support with proxychain4 running kali. #hack #kali #linux #infosec #hacking #pentest #pentesting #redteam #proxychain4

I wanted to use proxychain with IPv6, ended up with this configuration. If you have not install proxychain4 do that now! Tor configuration file add below /etc/tor/torrc SocksPort [::1]:9050 SocksPort 127.0.0.1:9050 ClientUseIPv6 1 ClientPreferIPv6ORPort 1 ClientPreferIPv6DirPort 1 Proxychain4 configuration file. Add the information below in the file under [ProxyList] /etc/proxychain.conf socks5 :: 9050 socks4 127.0.0.1... Continue Reading →

If you are attending “Getting Started in Security with BHIS and MITRE ATT&CK with @strandjs” next week and running Linux and VirtualBox. How to import the machine? @BHinfoSecurity @WWHackinFest @debthedeb #cybertraining #hackers #CyberSecurity #infosec

I am running Kali and VirtualBox. When running Virtualbox there are some issues. If the machine that you are running AMD this perhaps works. I am running INTEL so that sucks. INTEL + VirtualBox + Wsl v2 = Do Not Work For Me. There is a problem running wsl v2 in VirtualBox with Windows 10.Not... Continue Reading →

Spam-test. Test if your email adress / domain are on any blacklist or if anything is wrongly configured. Check for spf,dkim and other stuff. #pentesting #blueteam #cybersecurity #spam #tester

This is a simple way to test if your email security is ok. Open a web browser and access https://mail-tester.com and copy the destination email on the page. Then send a email to that address that you got from the page Then go back to the web page and press Then check your score. (wait... Continue Reading →

Buffer Overflow, how do I prepare for Penetration Testing Professional V5 buffer overflow part. @eLearnSecurity #bufferoverflow #infosec #hacking #pentest #pentesting #redteam #hackthebox #INVIDGruppen #INVID

I am  not a programmer from the beginning so I struggle a lot with buffer overflow part of the PTP course. I can not turn back  time 25 years and start study programming so how do a old dog learn buffer overflow? This is what I do. Watch Videos, I learn faster if someone tells... Continue Reading →

How to set up juice-shop @ heroku for free. Then begin hacking your own web application. @heroku @owasp #infosec #hacking #pentest #cybersecurity #webhacking

Update 2022-08-25 Seems that this is not gonna be free anymore 🙂 https://blog.heroku.com/next-chapter I was watching a YouTube video from https://twitter.com/thecybermentor  and wanted to spread the word to my 2 followers. This is a great way to get started with web application hacking. You will set up your own environment in seconds. After the deployment... Continue Reading →

Create file with hostnames from website with cewl, then scan the webserver for vhosts with Metasploit vhost_scanner to find hidden virtual hosts on webserver. #infosec #hacking #pentest #pentesting #redteam #hackthebox #ctf #linux4hackers

We start to collect possible hostnames from websites with Cewl cewl http://10.10.10.1 -w cewl.txt You can also use some other switches like -d = deph to look on the website for words -m = minimum wordlengh -w = outputfiel So that the final command can look like this: cewl http://10.10.10.1 -d 5 -w cewl.txt When... Continue Reading →

CORE-IT is a FREE virtual conference hosted by Chappell University. The online event begins March 24th at 9 am Pacific Time. #wireshark #nmap #darknet @torproject #kismet #tcp #dns @LauraChappell https://www.engagez.net/coreit1#lct=entrance

I got an email regarding a  free Virtual Conference 2020! Could be something real nice! https://www.engagez.net/coreit1#lct=entrance Agenda here: https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf

Blog at WordPress.com.

Up ↑