Cybersec.Reviews

Honest Reviews of Cybersecurity Education and Blog

Note: This challenge write-up is a “blind analysis”, which was written prior to viewing the answer section of this course. I include how I answered questions, if I got it right or wrong, and why as a reflection for further learning. (Contains spoilers!)

Practical Malware Analysis and Triage “Silly Putty” Challenge

This write-up comes from the PMAT course that was produced by Husky Hacks. At the time of writing, I am about halfway through the course and have found it very valuable from a SOC analyst perspective.

Note: To protect the identity of individuals in this CTF, the missing persons in cases are referred to as subject or subjects.

Overview

OSINT stands for Open Source Intelligence and is defined as “the collection and analysis of data gathered from open sources (overt and publicly available sources) to produce actionable intelligence” (https://en.wikipedia.org/wiki/Open-source_intelligence). Trace Labs (https://tracelabs.org) offers a unique OSINT CTF that was very surprising to me when I came across it.

I've wanted to go to Defcon since I first heard about it many years ago. I was always intimidated from a lack of confidence in pursuing knowledge in the information technology world to go. I removed this confidence barrier in my mind and have been learning about the IT world for a year and a half. Now I finally felt ready to go participate in my first Defcon.

Preparation

Preparing for Defcon involved a tremendous amount of googling since I have no family or friends who have been before (or are into tech like this).

Key Points
Release Date: September 2021
Date Reviewed: November 2021
Author/Creator: Vickie Li (@vickieli7)
Subject(s): Bug bounty hunting, recon, report writing, web application hacking.
Prerequisite(s): Some knowledge of HTML, JavaScript, HTTP, cryptography, and encoding would help. But I would even recommend this book to a complete beginner and suggest researching things as you go along.
Medium: Book and/or E-book
Length: 416 Pages
Price: $49.99 Print (comes with E-book), $39.99 E-Book.

Key Points
Release Date: 2019
Date Reviewed: 2020
Author/Creator: Peter Yaworski
Subject(s): Quick HTTP overview, 16 vulnerabilities explained with real examples, methodology, report writing.
Prerequisite(s): Basic knowledge of networking, HTML, JavaScript.
Medium: Book
Length: 264 Pages
Price: 26.20 on Amazon
Link: Real-World Bug Hunting: A Field Guide to Web Hacking: Yaworski, Peter: 9781593278618: Amazon.com: Books (Not Affiliated)

Review Disclaimer

My goal is to provide honest and consistent reviews that can help others decide if an educational resource is right for them.

Key Points
Release Date: Not stated, possibly 2018
Date Reviewed: 2020
Author/Creator: Jovana Markovic
Subject(s): Cross-site scripting exploitation, payloads, server-side filtering explained, basic filtering bypass explained, XSS attacks
Prerequisite(s): Basic JavaScript and HTML knowledge is recommended
Medium: Video course, voice-over with PowerPoint slides and demonstrations
Length: 2 Hours
Price: $89.99. $15.99 On Sale
Link: https://www.udemy.com/course/xss-attack-most-widespread-hacking-technique/ (Not Affiliated)

Review Disclaimer

My goal is to provide honest and consistent reviews that can help others decide if an educational resource is right for them.

Wikipedia defines Imposter Syndrome as "a psychological pattern in which an individual doubts their skills, talents, or accomplishments and has a persistent internalized fear of being exposed as a fraud." I hadn't heard of this until stepping foot into the information technology industry. It is prevalent everywhere; just open any IT-related Twitter or Discord chat and I'm sure you will find a handful of people talking about how he/she is experiencing imposter syndrome.