Aug 25, 2014
I had a healthy debate with Mr. Boettcher this week about the merits of doing recon for a pentest. Mr. Boettcher is a heavy duty proponent of it, and I see it as a necessary evil, but not one that I consider important. We hash it out, and find some common ground this week.
People search links:
Spokeo -...
Aug 23, 2014
Mr. Boettcher made a thing! He created a video that highlights how to install Linux securely in a VM. His next video will be how to setup OWASP's WebGoat to test for vulnerable web apps. He noticed that documentation is a bit sparse, and often contradictory, so he wanted to help other folks who are having issues to...
Aug 18, 2014
This week, we go into a proxy program called "Ratproxy", discussed it's ins and outs. Plus, Mr. Boettcher and I have a discussion about how we as infosec people should work with developers and IT professionals to provide them training and understanding of security...
Aug 10, 2014
Here is Part 2 of our video for understanding the basics of Nmap. I discuss some of the logging output, the scripts found in Nmap, and the output that Nmap gives you for reporting or comparison later.
I really did want to go more into the Lua portion of the scripting engine, and perhaps make a simple script, but...
Aug 10, 2014
This week we take some time to talk about risk management with Josh Sokol. This is part 2 from our interview with him last week... We talk some more about Simple Risk from the POV of Risk Management, as well as the licensing/modification of Simple Risk.
Mr. Boettcher and Josh discuss the merits of Qualitative...