Mastodon Hillbilly StoryTime: 2018

Tuesday, October 30, 2018

Of Failure and Success

 Experience is simply the name we give our mistakes.

— Oscar Wilde

Over the course of a year, I watch many InfoSec conference presentations whether in person at the conference or via a recording on YouTube, I read a multitude of amazing blog articles, and I follow and read the messages of many InfoSec personalities on Social Media. The thing that keeps coming to mind throughout all of this is, “Wow there are some amazingly smart people out there doing some wonderful stuff.” Then following that are the thoughts, “Why am I not that good? Why is it so difficult for me to create some new tool or make some new discovery? Why do I keep making mistakes?”  From discussing with others on social media and at conferences I have become well aware that it is not just me having these thoughts.

Friday, September 21, 2018

How Can I Become a Pentester?

After I tell someone that I am a pentester or that I work in InfoSec, the most common question I get asked is if I can help them fix their computer. The second most common question I get is, “How can I become a pentester?”

My answer is usually fairly concise and to the point, “Learn how computers and networks work, learn what rules are in place to protect them, and then learn how to circumvent those rules.” While that answer is fine if I am in a hurry, I thought I might take this time to elaborate a bit more and provide a more helpful answer.

Monday, February 5, 2018

Intro to Programming - Part 1

This is my first post of a new series of programming centric posts.  This series will be starting with a short overview of common programming topic without going into too much depth on basic concepts like, What is a programming Language, What is a variable, etc...

There are entire courses, college classes, and so on available if someone really wants to learn the topics in more detail.

The purpose of this "Intro to Programming" series is to make sure everyone has at least a basic understanding before I get into the next series on "Intro to Python Programming".  Once that series is complete, I will be moving on into "Python for Pentesters".

Video:


SlideDeck via SlideShare:

Tuesday, January 16, 2018

A New Year

Happy 2018!!!!

Last year I wanted to try something new so I started the Pentest Fails Youtube series.  It has been a blast.  I enjoyed sharing the stories of both my fails as well as hearing other people share theirs.

For this year I have a few new plans I would like to share with you.
  1. I will be continuing the Pentest Fails videos.
  2. I will be starting a new video series where I demo and review various pentest tools.
  3. I will be starting a new video series where I step though "Programming for Pentesters".

For the Pentest Fails videos, not much will be changing.  I will still be sharing both my stories as well as stories other people have provided me.  Of course, there may be a few guest storytellers showing up as well.  However, I will be reducing the rate at which I will be releasing these videos to just 1 time a month.  This should allow me more time to prepare better videos and hopefully improve the overall quality of the videos and content.

For the tool review and demo video series, I want to discuss and share the tools that I personally find useful or interesting.  I will be creating new blog articles for each tool as well as showing how to install and execute the tool.  Due to the nature of the tools, some videos may be shorter than others.  I expect to be releasing about 2 new tool demo videos a month.

Finally, the "Programming for Pentesters" video series.  For this, I will be starting with a short introduction to programming and programming concepts followed by discussions of more advanced concepts.  As it is the primary language I am currently coding in, most of the code shown in the videos will be written Python. For the basic description of concepts or when I am roughing out a tool idea, I will be using Pseudo-Code as it is much more general and can better convey some concepts.  Along with the basic videos in this series, I may also include some "Lets Code" videos where I show the process from concept to final tool for some program I am writing.

Now being able to pull all of this off will not be an easy task for me, but I feel I can do it and it is a challenge I have set for myself for this year.

In order to keep everything in line and on time, I am proposing the following schedule for videos:
  • 1st Monday of the Month  => "Programming for Pentesters" (and "Let's Code")
  • 2nd Monday of the Month => Tool Demo
  • 3rdMonday of the Month  => Pentest Fails
  • 4th Monday of the Month => Tool Demo
  • 5th Monday of the Month => ???  TBD

Now if a given month falls in such a way that it has a 5th Monday, then I will come up with some special content for it.  That may take the form of some 1-off video or maybe just an extra of one of the other video series.  It will really depend on what I feel like at that time.

If a given month does NOT have a 4th Monday due to the way the weeks fall, then I will simply forgo the second Tool Demo video for that month.

Hopefully, everyone enjoys the videos and I look forward to seeing everyone's comments.

Thank you and have a great day.