The weather is turning hot|cold|warm|sunny|cloudy...just like you like it. You know that there are these dirt|gravel|paved paths in some parks but never knew what they were for. You are intrigued, pulled by some primal urge to go outside and get some sun|pollen|wind on your face|body|brand new clothes. You my friend, need to... Go for a hike!... Continue Reading →
Fake Name Generator
When performing testing activities, whether it is web application penetration or usability testing, it is helpful to have example content to submit in web form fields. The same can be said for people trying to create sock-puppet or alias accounts on the Internet. We need to have sample/fake information so that we can set up... Continue Reading →
The Problem after a Raise
I spoke to a junior employee today. He was upset with his latest pay raise. It was smaller than he wanted and, as a result, he stopped putting in extra effort at work. No more going above and beyond, staying late, or trying hard. So I said to him, "Were you upset like this before... Continue Reading →
Bake-off: Travel Routers
Why I've started traveling more and that means connecting to the Internet through less-trusted networks. Always nice to have another layer of security when doing more-risky things so I started looking for a good travel router. It is a confusing marketplace right now with some devices focusing on user features such as sharing files from... Continue Reading →
Building the (LED) Matrix
Purpose So at work we have one of those SOC World Clocks that looks a little bit like the one below (and yes I know that London is not spelled with that many "o" letters...I found this on the Internet.). It works OK but has to be reprogrammed for daylight savings time, it loses time... Continue Reading →
Offensive Interviews
Just a quick blurb that I've started a Github project called Offensive Interviews. The goal of this project is to open source many interview questions that can be used to screen offensive infosec practitioners (i.e., pentesters/red teamers). It is a collection of questions and scenarios that you can use to help screen candidates. Of course,... Continue Reading →
Complex Knowledge-based Password Reset Strings
With all of the data breaches recently, I urge everyone I know to use a password manager application like KeePass (http://keepass.info/) or LastPass (Yes I know they too got hacked) to store complex, long passwords. The benefit to using these apps is that you can make your responses to those knowledge-based password reset questions (e.g.,... Continue Reading →
Infosec Resumes: What do employers care about?
Ever wonder what hiring managers look for in "good" resumes? While I cannot speak for my employers, I can say that there are certain pieces of resumes that I care more (or less) about when I review them. Who I usually am looking to hire people that are computer-savvy. The positions I need filled are... Continue Reading →