Those of you that read my blog and maybe know me in person/on Twitter know that I love teaching. I think it mostly stems from not getting enough attention as a kid. 😉 [Just kidding Ma.] This past year I had the honor of presenting to both of my kids' schools about my work and... Continue Reading →
Hello. This is Bob from Microsoft
So last night "Bob from Microsoft" called me because my computer was infected and "he was there to help me". Yeah right. Background Because the Internet is such a wonderful, sharing place, I'd been alerted to these types of cold-call, social engineering attacks a while ago. One of my neighbors had received one of these... Continue Reading →
All is not what it appears to be (A high school demo)
Background Recently, I spoke to a local group of high school juniors about the "real" Internet world. It was a fun talk where I covered a variety of topics from: "Nothing is truly anonymous" to "Everything you put on the Interwebs will be around for ever"...and other things. But I didn't want to do a... Continue Reading →
Dangers of Free/Public Wifi
OK. So it has been a LONG time since my last blog entry. This entry is more so that I remember where this cool infographic is from.On the http://www.v3im.com/2014/03/use-public-wifi-better-check-out-cloak/ page I found the infographic below describing the dangers and protections for using free/public wifi.
DNS Host Enumeration Tool Bake-Off
[UPDATED - 10/2013 with blacksheepwall content]The ScenarioIn my line-o-work, we need to not only discover hosts on the network to assess but also the domain names of the websites hosted on those servers. See, there are these things called "Virtual Hosts" (http://httpd.apache.org/docs/2.2/vhosts/) where a server administrator, to save time/money/effort, can configure a single IP address... Continue Reading →
Making a module for recon-ng.
I'll be the first to say it, I'm no programmer. Sure I can hack a few lines together and craft some adequate regular expressions to get 'er done but I'm no formal coder. So it was with awesome joy that I found the Recon-ng framework. Tim Tomes (@LaNMaSteR53) created/is creating an easy python-based framework that... Continue Reading →
My first post and shameless self-promotion.
First posts are hard. There is so much riding on them. I'm just going to set an easy tone for this blog and make it short and sweet.I'm mentoring my first SANS SEC542 (http://www.sans.org/course/web-app-penetration-testing-ethical-hacking) course in August. I'm really looking forward to it!Details are below:Location: Rockville, MDSchedule: 2 hours each Tuesday and Thursday for 5 weeks Link: http://www.sans.org/mentor/class/sec542-rockville-20aug2013-micah-hoffman