Trust describes his methodology for auditing smart contracts.
An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In this conversation, we delve into Trust's background as a security researcher and exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security.
After more than a year of prep and two exam attempts, the OSCP certificate finally came in the mail.
My full OSCP Study Guide here:
https://www.youtube.com/watch?v=iheTvk-k55A
The guide is slightly out of date because I sat the exam before the recent Active Directory updates, so the learning resources should be updated. However, the approach to passing the exam remains the same.
...
https://www.youtube.com/watch?v=v0JwH1MuA84
Lucas on his path from an early career as an offensive security specialist to web3 security, building startups, and how AI security tooling will affect security research.
Links:
Darren: https://twitter.com/lmc_security
Andy: https://twitter.com/andyfeili
...
https://www.youtube.com/watch?v=_Qv27bOrxOc
Final prep before the OSCP exam next week. Plans for taking the exam, study burnout and thoughts about the OSCP certification.
...
https://www.youtube.com/watch?v=qtazco1jPrg
https://tryhackme.com/room/bpsplunk
TryHackMe walkthrough going over the Ransomware scenario (Task 6). This was my experience using Splunk; it was really fun learning the blue team side of things. If you have experience with writing SQL statements or Excel lookup formulas, you should be fine with going through this room.
I tried to explain things thoroughly as I have not seen any videos on YouTube which did that. The walkthroughs I saw were all only just providing the answers.
Hope this is helpful for those of you trying to get into or learning more about Cyber Security.
I will be going over Task 5 - Advanced Persistent Threat in this room next time.
Contents
00:00 - [Intro]
1:25 - [Task 2]
5:22 - [What was the most likely IP address of we8105desk on 24AUG2016?]
9:11 - [What is the name of the USB key inserted by Bob Smith?]
10:15 - [After the USB insertion, a file execution occurs that is the initial Cerber infection. This file execution creates two additional processes. What is the name of the file?]
15:15 - [During the initial Cerber infection a VB script is run. The entire script from this execution, pre-pended by the name of the launching .exe, can be found in a field in Splunk. What is the length in characters of this field?]
22:26 - [Bob Smith's workstation (we8105desk) was connected to a file server during the ransomware outbreak. What is the IP address of the file server?]
26:44 - [What was the first suspicious domain visited by we8105desk on 24AUG2016?]
34:32 - [The malware downloads a file that contains the Cerber ransomware cryptor code. What is the name of that file?]
37:54 - [What is the parent process ID of 121214.tmp?]
40:50 - [Amongst the Suricata signatures that detected the Cerber malware, which signature ID alerted the fewest number of times?]
43:29 - [The Cerber ransomware encrypts files located in Bob Smith's Windows profile. How many .txt files does it encrypt?]
45:49 - [How many distinct PDFs did the ransomware encrypt on the remote file server?]
49:25 - [What fully qualified domain name (FQDN) does the Cerber ransomware attempt to direct the user to at the end of its encryption phase?]
52:35 - [Summary]
55:55 - [Thanks for watching]
...
https://www.youtube.com/watch?v=YirqbMJK-kk