Get in the spirit of the holidays with some hacking!

If you’re like me, you probably have a number of projects that you’re working on and tracking at any one time. It’s important to keep your skills fresh, and, if you can have a little fun while you’re at it, it doesn’t have to feel like work or a huge time sink. …


Want to be more efficient? Spend time on Good Documentation.

Today I want to talk about a topic that is often disparaged within certain departments and industries: documentation.

Contrary to popular opinion, the more documentation that exists, the better it can be.

Typically, documentation is seen as a “necessary evil” that wastes time or resources when an employee could be spending that time on more “productive” projects or problems to solve. As someone who often learns by digging into software and messing around with settings rather than thoroughly reading a manual cover-to-cover, I can certainly empathize with this perspective, but there comes a point when the need for good documentation is absolutely critical for competent business functionality. After all, the time for creating an incident response plan is not after an incident has already occurred. …


or, How to See Malware Activity in Real Time.

I recently discovered Brad Duncan’s blog Malware-Traffic-Analysis.net. The blog is host to a variety of traffic analysis exercises, primarily involving malware infections that take place over a network and are documented in pcap files. It has really been scratching my digital forensics itch lately, and it allows for some detailed log analysis without having to spend an inordinate amount of time downloading a large VM and getting a full PenTest lab set up. I thought I would share one of the exercises I recently completed (which you can find here).

Here’s the basic setup of the scenario: we have a Windows Active Directory domain, known as pascalpig.com, residing on the LAN at 10.0.0.0/24. In the Security Operations Center, a series of alerts have recently gone off, telling us that something fishy may be taking place in our network, and we need to track it down and report it. Fortunately, we have a pcap file documenting the network traffic for the entire time frame, so let’s dig in! …


How to Subnet with only a little bit of memorization and math — no binary required

When I was first learning about networks, the topic that most consistently stumped me was subnetting. I am notoriously bad at doing anything other than simple math in my head, and it always felt like I was one step behind understanding what I needed to do to get the right result. To complicate matters, most online explanations for subnetting never really clicked for me — I (mostly) understood the theory of splitting up an address into multiple subnetworks, but who wants to spend an endless amount of time writing out the binary for every IP address and subnet mask? …


Getting started in scripting doesn’t have to be scary

Earlier this week, I was working on a project that required a little bit of Python scripting. While not anything too complicated, it reminded me that I needed to stay fresh with my programming, and so, as a personal challenge, I decided afterwards to create a Python script from scratch with as little internet-referencing as possible. In order to show how we can iterate a Python script from something very simple into something gradually more complex, I decided to share my process below. …


Ransomware is on the rise in 2020

A growing concern for every industry just about everywhere is the topic of ransomware. Ransomware is not a new threat (the first documented case of ransomware occurred in 1989 for a whole $189), but incidents of ransomware have been increasing exponentially lately, especially as the world still reels from all of the destabilizing events of 2020. Ransomware is when a compromised system or network is encrypted or rendered otherwise unusable by a malicious third party, who then promises to restore functionality if a ransom is paid. …


Once you know the environment, it’s time to break in

Today we’re going to follow up last week’s blog post about the information gathering phase of PenTesting with a post about the exploitation phase of a PenTest. As discussed last week, we’re running the VM “SoSimple” from VulnHub. We’ve already found a good deal of information about the VM, including an instance of WordPress, as well as the login credentials for that WordPress account.

The exploitation phase of a PenTest is when we take the knowledge we’ve gained about the system and try to find the cracks in the armor, so to speak. Last week, I challenged myself to see how much information I could gather with a single tool, but that will not be the case in this phase today — crafting an exploit can be tricky, will often involve much further research online, and you will usually want to make use of every tool at your disposal to gain an advantage. Exploitation is not the phase when we “take over” the victim’s system, nor is it the end state of the PenTest. Exploitation is, simply, looking for vulnerabilities that could potentially give us that first bit of access to the system. Once we finally achieve this, we will move on to the next phase, which is lateral movement across the system, as we try to take the exploit and use it as a means to gain further access, escalate privileges, and establish a reliable, more permanent means of access for future actions. …


How much info can you get with a single tool? A lot, actually.

While working on some individual PenTesting this week, I decided to challenge myself and see how much information gathering I could do with just a single tool — Metasploit Framework, one of the most popular hacking tools out there. This is a nonrealistic limitation, of course, since almost all PenTesting involves using as many tools at your disposal as possible, but it proved to be a fun challenge with a couple of surprises and one unexplained issue, which I will lay out below.

Like my interest in digital forensics, the information gathering (or “reconnaissance”) phase of hacking has proven to be one of my favorite steps in PenTesting. Gathering data and growing to understand the makeup of a system is a gratifying process, which probably explains why I like cybersecurity so much — there is constant opportunity to learn more.
I also wanted to use this opportunity to lay out some basic steps to follow when beginning a PenTest and gathering information. As you’ll see near the end of this post, however, I ended up running into some issues that I don’t yet have an answer for (so, if you have any thoughts to share, I’d love to hear them). …


Not Just a Nice Option: a Necessity

About a month ago, I attended an online webinar hosted by Women in Cybersecurity all about Multifactor Authentication. Multifactor Authentication (or MFA), for those who may need a refresher, is an extra layer of security when signing in to services or applications. Essentially, you must authenticate yourself through multiple fields (or, Factors) in order to prove you are who you say you are. The earliest and most common form of MFA was Two-Factor Authentication (itself a subset of MFA) that would verify authenticity through two fields — most commonly by signing in with a password and then entering a security code that is texted to a phone number over SMS. Until recently, many people considered MFA an optional but beneficial layer of security. …


Podcasts are a good way to stay current while taking a break from the screen

Today’s blog post is a little simpler because I spent most of the past week studying for my CompTIA Security+ certification. The good news is, I passed! On to the next certification! In the meantime, I thought I’d talk about one of the ways I like to stay on top of the latest cybersecurity news: podcasts.

One of the things I like to listen to while going for a run or doing chores around the house is podcasts. My rotation tends to be a pretty eclectic mix — a couple of them are about video games, there’s a few media criticism shows, some historical storytelling, one or two true crime/mystery shows, and a few interview formats about a variety of educational/informational topics. …

About

Tim Smith

Cybersecurity and Communication. https://www.linkedin.com/in/tsmith6421/
