Category Archive: Uncategorized

May 11

Vendors – Select Them Carefully

Vendor Research: Beyond the Fancy Sales Presentations Choosing a vendor for anything is extremely difficult. Sales people only show off the best parts of the product.  Demonstrations are exciting and seem almost magical.  Products appear to solve problems in a way you have never seen before. If you decide to take a product for a …

Continue reading »

Jan 25

BECOMING AN ETHICAL HACKER – WEEK 3

Week 3 – Enumeration and Cracking Week 3 is done and it was the best yet!  In this course, I have a feeling that every week will be better than the one before it.  I studied for 10 hours after work and on the weekend and still managed to do a little painting! In my original …

Continue reading »

Jan 20

Becoming an Ethical Hacker – Week 2

Week 2 – Scanning, Enumeration, and Back to Basics The second week in my quest to become an ethical hacker is complete!  With 11 hours of study time logged, this was a very productive week that touched a lot of different areas. If you’re not sure why I’m posting this, take a look back at …

Continue reading »

Jan 09

Becoming an Ethical Hacker – Week 1

Week 1 – Google Hacking and Port Scanning My first week of ethical hacking is done and it was a great week!  I spent 9 hours working on scanning and reconnaissance.  As I mentioned in my post, Investing a Year in Ethical Hacking, my goal is to spend 416 hours learning ethical hacking this year.  Current …

Continue reading »

Jan 01

A Year of Ethical Hacking – Day 1

Becoming a Certified Ethical Hacker, Day 1 OK…I cheated.  I started early on CEH by reading a little and skimming some videos, but my 416-hour goal stands. Current progress:  0 of 416 hours. What should I do first? Every goal has to start with a plan right?  I explained in my first post of this …

Continue reading »

Dec 23

Certified Ethical Hacker (CEH) Preparation Toolkit

The Tools You Need to Learn Ethical Hacking and Get CEH Certified This is post number two in my quest to become a Certified Ethical Hacker. In my last post, I talked about why I am Investing a Year in Ethical Hacking. Now, I’m going to share the resources I plan to use over the …

Continue reading »

Dec 19

Investing a Year in Ethical Hacking

Why the CEH is worth it and why it will take a full year to earn it.

Aug 16

Patch Remediation With PowerShell – Part 1

There are a lot of security topics that are absolutely fascinating but patch management is not one of them.  Even more horrific is patch management remediation.  Deploying patches isn’t so bad but getting that last 10% out of your compliance efforts is just a never ending brutal slog through the mud. I wrote a quick …

Continue reading »

Aug 14

Password Spray with PowerShell

Find user accounts with weak passwords without getting ntds.dit, admin rights, account lockouts, or logging any events. With basic domain access and PowerShell, this script uses a password spray technique to test one password at a time against all active user accounts in the domain. More traditional brute force password guessing might try as many password …

Continue reading »

Jun 23

Training Users to Fail

My account password for LinkedIn was leaked as part of the 2012 breach.  I use the same user name on Pandora and, if my password was the same on both sites, this would have left me exposed to password reuse attacks. I received an email from Pandora Radio today and I think it is great …

Continue reading »

Older posts «