learning On building your skillset Right now I've been reading The Hacker Playbook 3. I've had it for a while, but I always only read bits and pieces. I started reading it again, and there's some good stuff. Where the THP2 is more focused on pentesting skills, THP3 is
learning Relaxing for a bit, and learning at my pace I recently decided to take a bit of a break from work. I was overdoing it and burning out. It's working out for the best so far, and I'm feeling great. I slowed down and started learning at my own pace. Instead of forcing
hackthebox HTB post-game recap -- Passage Passage was a cool box overall. The hardest part for me was privesc. I had to get a lead from a buddy to show me what I was looking for. He said something along the lines of "ride the bus." The rest was a
learning Hack the Box -- Passage This is a write up of Passage on Hack the Box. NmapAs always, we start with our basic Nmap scans. The results are below: nux@KakaLinpoop:~/Documents/htb/boxes/passage/nmap$ nmap -T4 10.10.10.206 -p 22,80 -sC -oN scriptScans Starting
python Today's learning: Simple Python Skills -- Is a number prime? I enjoy scripting, but I just haven't had the time to dedicate to improving my skillset. I know, that's just an excuse, but if I'm not at work, I'm studying up for my OSCP, or learning about web apps. I wish I could make
learning Knowing what you don't know This career can be intimidating. Almost daily, I look at all the things I don't know and think to myself, "Crap, man. This is still a mystery to me." As I work with people who are in the same field, many of them who
open redirect Learning more things: Open Redirect I am making it a point to study and read up on lots of things that will help me improve my skillset. This book, Web Hacking 101, is free from HackerOne. I'm going through it, trying to understand concepts and writing a little bit
things I learned Things I learned today -- 11.15.20 I got some studying in today. Did a bit of reading and watching some videos. More PrivEscToday, I went over TryHackMe's Linux PrivEsc portion on weak file permissions. Went over some things I already knew, but it was still cool to go over it
github What to learn next? I'm working hard toward my OSCP. I've been studying, and I was given a boost of confidence just a few hours ago. I have a few writeups I can't publish until the boxes are retired. Lame. I'm definitely getting where I need to be
sql Port Swigger's Web Security Academy is Good Stuff One of my current weak points (and there are many) is SQL injection. I just can't quite pull them off yet. Sure, I know the basics like or '1'='1' stuff. Even then, it's a bit rocky for me. It's when it comes down
OSCP Thoughts as I work through some studies I've been cracking away at studying for the OSCP certification. It's taken quite a bit of my time, but I want to accomplish it. I've also been sitting on the eLearn Security eCPPT course. It's good content, but I'm more motivated to obtain my