cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

 
 
The original post: /r/cybersecurity by /u/JCTopping on 2024-11-11 12:31:34.
Red Team and Pentest anecdotes (therealunicornsecurity.github.io)
 
 
The original post: /r/cybersecurity by /u/_kawhl on 2024-11-11 12:26:23.
 
 
The original post: /r/cybersecurity by /u/octron_8 on 2024-11-11 10:50:29.

After three to four months of preparation, I finally passed the exam and got the Practical Network Penetration Tester (PNPT) cert! This is an awesome certification for anyone who is preparing to get into pentesting.

Here are some pointers that I can share:

The provided courses are good enough to pass the exam. Play and experiment with the lab that you build as part of the course.

Understand AD attacks thoroughly. Practice them. Understand the reason behind them.

Learn persistence techniques.

Learn pivoting - whatever Heath teaches in the course is good enough. However, I have seen other people talking about practicing Wreath from TryHackMe (it’s always good to practice). I tried to give it a go, but there was an issue with the Wreath network for the past couple of months.

Enterprise, Attacktive Directory, Attacking Kerberos, Services - these are some of the rooms that I practiced on TryHackMe.

Have the report structure ready before you start with the exam.

Don’t upgrade your machine at the last minute before the exam unless you have a recent backup.

Remember the techniques discussed in the External Pentest Playbook - it’s a short course, go through it at least two times if you don’t have actual pentest experience.

 
 
The original post: /r/cybersecurity by /u/throwaway198713652 on 2024-11-11 09:13:08.

We have the backing (and funding) of our execs to secure our business. It’s a large business so the investment is not insignificant.

However, our top team are constantly asking for policies to be flexed for them, exclusions to be given etc. It’s usually for stuff that doesn’t feel business related, but maybe it is.

So how much flex do you all give? Personally, my preference would be zero flex as we’ve implemented these controls for a reason. But equally, I like being employed!

 
 
The original post: /r/cybersecurity by /u/GwynKafu on 2024-11-11 06:35:59.

I wanna know what I should take first. Just go and take CPTS from Hack The Box, or should I do their normal courses?

Or should I do TryHackMe? I'm confused since there's too much to choose from.

I'm a complete beginner, so please enlighten me.

Thank you

 
 
The original post: /r/cybersecurity by /u/she_sounds_like_you on 2024-11-11 02:17:23.

I've recently become obsessed with detecting SYN scans on our network. I realized the scan only alerts when I touch the firewall, as it acts as the VLAN gateway. With all of the endpoint detection mechanisms we leverage, none of them appear to give a damn about port scanning.

So far I've created a quick and dirty config to basically only alert on port scans. It only logs the alert and, as far as I can tell, doesn't consume any resources and does exactly what I want it to do. So my proof of concept is showing value. My manager is always on board with trying something new, so I don't think I would get any pushback with this project. My only concern is getting it into production and deployment.

Have any of you had experience with deploying Snort as endpoint detection? How do you maintain it? Any special deployment scripts you could share, with redacted information, of course?

 
 
The original post: /r/cybersecurity by /u/AutoModerator on 2024-11-11 00:00:11.

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away!

Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future.

 
 
The original post: /r/cybersecurity by /u/chriss11902 on 2024-11-10 23:59:39.

Hi, I would build a C++ keylogger for educational purposes, but I can't find a useful or detailed guide. Where can I find one? (I'm using Debian)

 
 
The original post: /r/cybersecurity by /u/Chipdoc on 2024-11-10 23:30:10.
 
 
The original post: /r/cybersecurity by /u/lowkib on 2024-11-10 23:16:38.

Hello,

I have a Product Security Engineer interview coming up and I'm trying to anticipate what type of questions would come up in the interview.

The interview is with an engineering lead and a principal engineer, and I'm trying to anticipate what questions would come from their side.

Appreciate any advice

 
 
The original post: /r/cybersecurity by /u/VegetableAnybody534 on 2024-11-10 20:44:15.

What are some practical business strategies for starting a freelance pentesting service aimed at attracting and securing clients, especially startups and medium-sized businesses? Additionally, what approaches can help build credibility, foster client trust, and establish a strong professional reputation in the cybersecurity market?

 
 
The original post: /r/cybersecurity by /u/Several_Today_7269 on 2024-11-10 20:25:56.

Hi mates, I am new to cyber security and have some questions. As far as I know, cyber attacks are done on the client side, but is it theoretically possible to bypass back end validation using Burp Suite?

 
 
The original post: /r/cybersecurity by /u/Synthetic88 on 2024-11-10 19:22:44.

Almost got taken by a PayPal scam I haven't seen before.

  • Buyer wants to buy my Craigslist listing. (They don't haggle which is a red flag.)

  • I get their address and send them a PayPal invoice.

  • They send me a screenshot showing they tried to send me money but 'the buyer isn't set up to receive funds.'

  • I log into PayPal, there is a notification on my account but I confirm with customer service that my account is OK. I ask them to try again.

  • I get a PayPal email saying you've got a deposit. At the LAST SECOND I notice a typo in the email, "Reply us with tracking number" so I don't click anything in the email and open PayPal from a new browser window. There is no money in there.

Here's the twist, the link in the email was to "https://www.paypal.com/" but with a TON of JavaScript after that. I think the key is the part where they say it didn't go through, which makes you log into PayPal. The link in the email opens PayPal (where you're already logged in) and probably transfers money to some account so quickly that you don't notice until it's over. And by this point you've been expecting the PayPal email so you click it (spear phishing hack.)

 
 
The original post: /r/cybersecurity by /u/hackspark1025 on 2024-11-10 18:45:33.

Hey Everyone,

I'm excited to join your community. I've been working on building a remote access trojan and I documented it on my Medium account if anyone wants to check it out. Full code is on the post. Link Here

 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-10 15:47:57.
 
 
The original post: /r/cybersecurity by /u/Sloky on 2024-11-10 14:02:57.

Infostealers use Steam for C2 communications. I know it's not news, but I find it extremely interesting.

Feel free to reach out if you are interested or have an idea on how to follow up on this.

https://intelinsights.substack.com/p/c2-powered-by-steam

 
 
The original post: /r/cybersecurity by /u/k0ty on 2024-11-10 13:14:22.
 
 
The original post: /r/cybersecurity by /u/RandomUsername749 on 2024-11-10 12:16:01.

I’m bootstrapping a startup and looking to sell my SaaS to enterprises that are looking for security certifications. (We load a JS file on the client's website to ask the visitors for consent.)

We have been using the best security practices and have a lot of policies and flows in place already. I’ve achieved SOC2 with my previous startup.

My current startup just isn’t certified and audited to have the official seal. And there might be some small things that might need to be updated or put in place - I need a checklist of things to do before just getting someone to audit.

 
 
The original post: /r/cybersecurity by /u/placeholder4thenight on 2024-11-10 09:16:06.

So when I discover that port 53 is open on some device, what does that mean? Does it indicate that the device is a DNS resolver (meaning it's able to make DNS queries to different nameservers in order to return a certain record), or does it indicate that the device is a nameserver, as in it holds DNS records? I'm kind of confused, since I understand how DNS works and I understand the components of it. Running dig google.com, for example, makes sense in the sense that I'd be analyzing the queries my DNS resolver made in order to get to google.com, which I assume would give me more attack vectors since now I might attack the nameserver responsible for google.com (correct me if I'm wrong). But running dig on a machine that has port 53 open in a CTF scenario, for example, what does that mean? And how else am I supposed to enumerate that port? I've seen that I can check for the version.bind record, which I still don't really understand how it fits in the picture of having port 53 open.

 
 
The original post: /r/cybersecurity by /u/Defiant_Train5048 on 2024-11-10 08:40:19.

Wouldn't 3-day weekends every week be nice? Assuming it's just 5 days' work condensed into 4 intense longer days.

Does anyone have experience working a 4-day week?

 
 
The original post: /r/cybersecurity by /u/EachErmine on 2024-11-10 08:34:36.

As for background, I currently have BTL1 and have a fair amount of knowledge in the blue teaming side of cybersecurity. Would any of these certs be good, or is there any other you guys would recommend me getting at this point?

 
 
The original post: /r/cybersecurity by /u/Such-Heat1674 on 2024-11-10 08:09:44.
 
 
The original post: /r/cybersecurity by /u/Shinoskay9 on 2024-11-10 07:14:12.

So, just saw that Trump is pulling federal jobs back to the office (that's kinda ok, fed bois get paid a lot anyways) but then I realized Biden dumped a bunch of money into the cyber field... which means there are a lot of cybersec jobs that are federal.

Anyone know how Trump is going to impact the cyber security field?

 
 
The original post: /r/cybersecurity by /u/AloneHGuit on 2024-11-10 06:59:18.

I got feedback that dev exp is the gap between me and a path to security architect, so my manager is asking what type of dev projects I'd like to participate in. Please share your thoughts; we are your usual Java shop with monolith and microservices.

For reference I have years of exp at an enterprise software company as a security analyst, doing pen tests, security reviews, threat modeling, guiding dev teams etc.

My manager was kind enough to say he’ll try to offload some of my duties so I can actually develop. Any suggestions are welcome

 
 
The original post: /r/cybersecurity by /u/OSINT_IS_COOL123 on 2024-11-09 17:12:30.

I'm very puzzled. I know there are better subreddits, but I want to cover all bases in case someone knows. Where exactly is ThatsThem getting it? I am building a people search tool for Canada and wondering. ThatsThem has name, gender, phone, address, and scores. How do they get all this data? What sources? Sorry if this is a newb question, I am just curious. Some profiles also contain an email. (Also, I am new to Reddit)
