learning On building your skillset Right now I've been reading The Hacker Playbook 3. I've had it for a while, but I always only read bits and pieces. I started reading it again, and there's some good stuff. Where the THP2 is more focused on pentesting skills, THP3 is
learning Relaxing for a bit, and learning at my pace I recently decided to take a bit of a break from work. I was overdoing it and burning out. It's working out for the best so far, and I'm feeling great. I slowed down and started learning at my own pace. Instead of forcing myself to
hackthebox HTB post-game recap -- Passage Passage was a cool box overall. The hardest part for me was privesc. I had to get a lead from a buddy to show me what I was looking for. He said something along the lines of "ride the bus." The rest was a ton of Googling anything
learning Hack the Box -- Passage This is a write up of Passage on Hack the Box. Nmap As always, we start with our basic Nmap scans. The results are below: nux@KakaLinpoop:~/Documents/htb/boxes/passage/nmap$ nmap -T4 10.10.10.206 -p 22,80 -sC -oN scriptScans Starting Nmap 7.91 ( https://nmap.
python Today's learning: Simple Python Skills -- Is a number prime? I enjoy scripting, but I just haven't had the time to dedicate to improving my skillset. I know, that's just an excuse, but if I'm not at work, I'm studying up for my OSCP, or learning about web apps. I wish I
learning Knowing what you don't know This career can be intimidating. Almost daily, I look at all the things I don't know and think to myself, "Crap, man. This is still a mystery to me." As I work with people who are in the same field, many of them who seem to
open redirect Learning more things: Open Redirect I am making it a point to study and read up on lots of things that will help me improve my skillset. This book, Web Hacking 101 [https://www.hackerone.com/blog/Hack-Learn-Earn-with-a-Free-E-Book], is free from HackerOne. I'm going through it, trying to understand concepts and writing a
things I learned Things I learned today -- 11.15.20 I got some studying in today. Did a bit of reading and watching some videos. More PrivEsc Today, I went over TryHackMe's Linux PrivEsc portion on weak file permissions [https://tryhackme.com/room/linuxprivesc]. Went over some things I already knew, but it was still cool to go
github What to learn next? I'm working hard toward my OSCP. I've been studying, and I was given a boost of confidence just a few hours ago. I have a few writeups I can't publish until the boxes are retired. Lame. I'm definitely getting where I need
sql Port Swigger's Web Security Academy is Good Stuff One of my current weak points (and there are many) is SQL injection. I just can't quite pull them off yet. Sure, I know the basics like or '1'='1' stuff. Even then, it's a bit rocky for me. It's
OSCP Thoughts as I work through some studies I've been cracking away at studying for the OSCP certification. It's taken quite a bit of my time, but I want to accomplish it. I've also been sitting on the eLearn Security eCPPT course. It's good content, but I'm more
