Gamedev Mastodon

Kayla Eilhart (en)I'm studying for <a href="https://gts.eilhart.cz/tags/cissp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISSP</a> after 9 years of being <a href="https://gts.eilhart.cz/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> practitioner and 24 years of working in IT as a whole. Some questions/theory in there is so old that it hurts (and I can totally imagine how the course may be hard for youngsters who for example never have seen nor erased an EPROM with UV light). Some parts are hard for me as an European, because I didn't deal much with US laws and standards and have to memorize them now. Some parts are just tiring as I am constantly re-learning them and forgetting again over the years, like the subtle differences between various roles in data management or the many abbreviations which are variations on the same in different contexts - many key indicators, formulas etc. TL;DR: I hope I'll pass and then don't need to repeat it for a few years... I don't like certifications, but in this world, they're a handy proof of "knowledge" or at least of ability to memorize a lot of stuff. Also, a friend of mine is trying to persuade me to go for <a href="https://gts.eilhart.cz/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> - and that one is something I'm both intrigued with and afraid of it 😄

Christopher Bauer :debian: :i3wm: :blobcatthinkingglare:Hello kind people of Mastodon! Mastodon is a big part of my life, so I'm going to give finding work here a go as well.I'm looking for a junior penetration tester or cyber security analyst role. Should you have any leads, or simply be able to provide info, please reach out.To give you a thumbnail background sketch: I'm a former Lecturer in Anthropology pivoting to Cyber Security. I recently passed the <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> and loved it. I have interests in writing and advising to make pentesting more accessible, IoT pentesting, and purple team work.While I am looking for a first role, I'm open to freelance, contract, and part-time roles. I'm located in Seattle, though remote is welcome.Boosts will be noted and the favor returned in due course!Thanks everyone.<a href="https://infosec.exchange/tags/fedihireme" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedihireme</a> <a href="https://infosec.exchange/tags/fedihire" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedihire</a> <a href="https://infosec.exchange/tags/fedijobs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedijobs</a> <a href="https://infosec.exchange/tags/getfedhired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#getfedhired</a> <a href="https://infosec.exchange/tags/jobhunt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#jobhunt</a> <a href="https://infosec.exchange/tags/gethired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#gethired</a>

Josh M | WhamSomething quite wonderful occurred at <a href="https://infosec.exchange/tags/bluehat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bluehat</a> 2024. Caught up with a former mentee I worked with on getting their <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a>. They shared they are now in a masters program and doing amazing things at work, and loving it. This lit up my heart and sparkles. Helping others achieve their goals and reach for things they might not have, is an honor and a privilege to be a part of. Needless to say.. an excellent time at <a href="https://infosec.exchange/tags/bluehat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bluehat</a>. Great to reconnect with good humans, some good content, and a whole heap of recharging my hacker heart.<a href="https://infosec.exchange/tags/mentoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mentoring</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

A feral NatalieUnintended lesson of working towards my <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a> - I’ve done more <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a> 2 coding than I have in like five years. Corporate realism, very much yes. Joyful programming, not so much.

Christopher Bauer :debian: :i3wm: :blobcatthinkingglare:I PASSED! <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> I know I've been quiet on mastodon for a while. I'd been doing a lot of hack the box/try hack me CTFs to stay sharp. Whoo goodness, I'm pretty relieved. Hope to do so more posting on my fav social media now.Thanks to all who believed a qualitative researcher could do <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>.

Linux TLDRHow to Attach an Executable File to Your Email (Works on Gmail) <a href="https://noc.social/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://noc.social/tags/KaliLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KaliLinux</a> <a href="https://noc.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://noc.social/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> <a href="https://noc.social/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SysAdmin</a> <a href="https://noc.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://linuxtldr.com/attach-an-executable-file-to-email/" rel="nofollow noopener noreferrer" target="_blank">https://linuxtldr.com/attach-an-executable-file-to-email/</a>

Marco IvaldiI'd like to share some of my projects that are hosted on <a href="https://infosec.exchange/@github" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@github</a>. Let's start with my public <a href="https://infosec.exchange/tags/exploits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploits</a> that span more than two decades of <a href="https://infosec.exchange/tags/pwning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pwning</a>.<a href="https://github.com/0xdea/exploits" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/0xdea/exploits</a>"You can't argue with a root shell." -- Felix "FX" LindnerProbably the most known is raptor_udf.c that targets <a href="https://infosec.exchange/tags/MySQL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MySQL</a> (those of you who solved the <a href="https://infosec.exchange/@offsec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@offsec</a> <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> training labs should recognize it).My favorite is still raptor_rlogin.c, a glorious <a href="https://infosec.exchange/tags/Solaris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Solaris</a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RCE</a> from the early 2000s. Take your pick!

willc<a href="https://infosec.exchange/@offsec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@offsec</a> It feels like you just devalued OSCP for people who already have it by making "OSCP+" seem like something better. Maybe not your intention, but that is and will be the perception. I am not a fan. <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a> <a href="https://infosec.exchange/tags/offsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offsec</a>

Keith Hoodlet :verified: :donor:🤣 OSCP+ 💰 <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> <a href="https://infosec.exchange/tags/offsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offsec</a>

SnoopGod LinuxExperts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations <a href="https://infosec.exchange/tags/GPEN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GPEN</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html?m=1" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html?m=1</a>

SnoopGod LinuxHackers Abuse Windows Search Functionality To Deploy Malware <a href="https://infosec.exchange/tags/DarkWeb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkWeb</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTI</a> <a href="https://infosec.exchange/tags/OSINT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSINT</a> <a href="https://infosec.exchange/tags/CEH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CEH</a> <a href="https://infosec.exchange/tags/CPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CPT</a> <a href="https://infosec.exchange/tags/GPEN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GPEN</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> <a href="https://infosec.exchange/tags/snoopgodlinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#snoopgodlinux</a> <a href="https://infosec.exchange/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ubuntu</a> <a href="https://cybersecuritynews.com/hackers-abuse-windows-search/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cybersecuritynews.com/hackers-abuse-windows-search/</a>

SnoopGod LinuxPenetration Testing Accreditation Guide for Aspiring Professionals <a href="https://infosec.exchange/tags/CEH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CEH</a> <a href="https://infosec.exchange/tags/CPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CPT</a> <a href="https://infosec.exchange/tags/GPEN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GPEN</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/PenTestPlus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTestPlus</a> <a href="https://snoopgod.com/2024/05/20/penetration-testing-accreditation-guide-for-aspiring-professionals/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://snoopgod.com/2024/05/20/penetration-testing-accreditation-guide-for-aspiring-professionals/</a>

Vern McCandlishDamn "Then, I show several novel techniques I used to drop a universal root shell on nearly all Linux kernels between at least v5.14 and v6.6.14 (unpriv userns required) without even recompiling the exploit." <a href="https://pwning.tech/nftables/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pwning.tech/nftables/</a>Great news for anyone taking the <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> this week and needing to pop root on a Linux box.

David BombalThe best Hacking Courses & Certs? Your 2024 roadmap to Pentester success.YouTube video: <a href="https://youtu.be/10P4aoXdXTI" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/10P4aoXdXTI</a><a href="https://infosec.exchange/tags/cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyber</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecurity</a> <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a> <a href="https://infosec.exchange/tags/pnpt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pnpt</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/hacker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacker</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/comptia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#comptia</a>

postmodernYes you can use <a href="https://ronin-rb.dev" rel="nofollow noopener noreferrer" target="_blank">Ronin</a> on the OSCP exam. I even emailed them and you can <a href="https://ronin-rb.dev/blog/2023/11/22/yes-you-can-use-ronin-on-the-oscp.html" rel="nofollow noopener noreferrer" target="_blank">read their response</a>. This is because Ronin does not, and will not, provide any automatic exploitation functionality similar to Metasploit's <code>db_autopwn</code>. You have to select the exploit for the vulnerability and run it yourself. Ronin just provides the framework part which helps makes writing and running exploits easy. Some people keep trying to argue this, but those are the facts. <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a> <a href="https://infosec.exchange/tags/oscpexam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscpexam</a> <a href="https://infosec.exchange/tags/ronin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ronin</a>

Yahe/me hat heute mit der Vorbereitung seiner <a href="https://chaos.social/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> Zertifizierung begonnen. Unterstütztend habe ich mir <a href="https://chaos.social/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackTheBox</a> und <a href="https://chaos.social/tags/TryHackMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TryHackMe</a> Subscriptions geklickt.Heute habe ich erste Inhalte auf TryHackMe durchgearbeitet. Einerseits eine nette Auffrischung und andererseits sind da tatsächlich hier und da ein paar nette Tipps dabei. <a href="https://chaos.social/tags/KennyHackt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KennyHackt</a>

ronin-rbYes, you can use Ronin on the OSCP. <a href="https://ronin-rb.dev/blog/2023/11/22/yes-you-can-use-ronin-on-the-oscp.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ronin-rb.dev/blog/2023/11/22/yes-you-can-use-ronin-on-the-oscp.html</a> <a href="https://infosec.exchange/tags/ronin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ronin</a> <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a>

postmodernOffsec support emailed back with this nugget of wisdom:<blockquote>If a tool is capable of automatically discovering and exploiting vulnerabilities on a target machine resulting in automatic remote access or escalated privileges without effort or enumeration, it can be considered a restricted tool.To further elaborate on the above, we highly recommend reading the below blog post regarding automated exploitation tools.<ul><li><a href="https://www.offsec.com/offsec/understanding-pentest-tools-scripts/" rel="nofollow noopener noreferrer" target="_blank">Understanding the tools/scripts you use in a Pentest</a></li></ul>Furthermore, please also keep in mind that there are many tools and unfortunately, we are unable to comment on all of them. Therefore, it is up to the student to determine if their chosen tool or script falls under a restricted category. This also demonstrates that you understand what the tool is doing and how it works.</blockquote>This seems to confirm that if a tool does not automatically identify CVEs and select the appropriate exploit, it is allowed on the OSCP Exam? <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a>

postmodernCurrent Status: trying to get Offsec to define "automatic exploitation". The <a href="https://help.offsec.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide" rel="nofollow noopener noreferrer" target="_blank">OSCP Exam Guide</a> states that "automatic exploitation" tools are restricted, but what does that include? Does that include Python and Ruby scripts? What about a Python script that loads <a href="https://github.com/Gallopsled/pwntools#readme" rel="nofollow noopener noreferrer" target="_blank">pwnlib</a> or a Ruby script that loads <a href="https://github.com/ronin-rb/ronin-support#readme" rel="nofollow noopener noreferrer" target="_blank">ronin-support</a>? What about a micro-framework like <a href="https://github.com/ronin-rb/ronin-exploits#readme" rel="nofollow noopener noreferrer" target="_blank">ronin-exploits</a> (which does not come with any exploits nor does it provide any db_autopwn-like functionality). Where is the line between "automatic exploitation" and "manual exploitation"? What about using <code>ronin-exploits new</code> to generate a skeleton exploit template? What about using ChatGPT?Enumerating which tools are restricted isn't enough, because there will always be new tools. I would also like to safely recommend <a href="https://github.com/ronin-rb/ronin-support#readme" rel="nofollow noopener noreferrer" target="_blank">ronin-support</a>, <a href="https://github.com/ronin-rb/ronin-payloads#readme" rel="nofollow noopener noreferrer" target="_blank">ronin-payloads</a>, or <a href="https://github.com/ronin-rb/ronin-exploits#readme" rel="nofollow noopener noreferrer" target="_blank">ronin-exploits</a> to people looking to take the OSCP Exam. <a href="https://infosec.exchange/tags/oscp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oscp</a>

Kevin Karhan :verified:<a href="https://infosec.exchange/@kalilinux" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@kalilinux</a> I mean a lot of people put up timelapses doing <a href="https://mstdn.social/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> with that track: <a href="https://www.youtube.com/watch?v=JC5IgIwf26I" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=JC5IgIwf26I</a>

Recent searches

Search options

Administered by:

Server stats:

#oscp