A Veteran Cyber Security Community
In this video, we cover common Active Directory attacks, including GPP/cPasswords and Kerberoasting against Hack the Box’s Active. We also cover basic buffer overflows with Vulnserver. We conclude with career Q&A. If you enjoy this video, please follow me on Twitch (https://www.twitch.tv/thecybermentor) for future lessons! Wanna chat? Add me on Twitter, YouTube or LinkedIn!Veteran? Join
In this video, we cover vulnerable machines from a penetration tester’s perspective. Instead of just capturing the flag, we cover what vulnerabilities potentially exist and would be noted on a penetration testing report. We conclude with career Q&A. If you enjoy this video, please follow me on Twitch (https://www.twitch.tv/thecybermentor) for future lessons! Wanna chat? Add
Introduction Around a month ago, I was looking for my next “hacking” certification. Up to this point, I’ve achieved the CEH, OSCP, OSWP, and Pentest+ (beta), in that order. I was specifically looking for web application, reverse engineering, and advanced penetration testing certifications that were relatively up to date as I felt that I needed
Hey again! This is part 2 of my Introduction to x86 Exploit Development. If you didn’t check out my first part of this series, I highly recommend it before reading this. In this post, we go a little more in depth as to how things get laid out in memory from a program standpoint, now
Hey everyone! This post will serve as a supplement to my first of many tutorials on Buffer Overflows for Linux which will tie into my Exploit Development tutorials. I will try to keep this post focused on the minimum amount of knowledge needed to understand what a buffer overflow is, how it works, and how to
Introduction Cybersecurity is a growing field in high demand; however, many estimates predict a shortage of approximately 3.5 million qualified cybersecurity candidates by 2021. This shortage is leaving many companies vulnerable to data breaches, ransomware, and other cyber-attacks. To address this shortage, the SANS Institute offers a program to help fill the impending cybersecurity skills
Hey guys! I figured that it would be beneficial to have an entire post dedicated to teaching some fundamentals about Computer Organization and the x86 Instruction Set Architecture, since I will be referencing this particular ISA (instruction set architecture) throughout most of my tutorials on Exploit Development and Reverse Engineering. This will be updated over
Part 3 of creating my Wargame to teach people exploit development and reverse engineering.
Introduction: This week’s retiring machine is Bounty, which is a beginner-friendly box that can still teach a few new tricks. Bounty is rated 4.8/10, which I feel is pretty appropriate given the overall ease of the machine. In this walkthrough, we’ll do a little bit of dirbusting, learn a nifty trick to gain remote code
Since making the switch from an Army Transportation Officer to a Supply Chain Management in the private sector and now working in Information/Cyber Security, I’ve done a lot of learning. Often, I am asked how I did it. Typically, I respond with the most hated two words in any language on the planet earth: hard
