Search results

I downloaded a malware binary for Linux lately and unpacked it. Tried to run it as root, but it didn't work. Googled for 2 hours and found out that instead of /usr/local/bin, the malware unpacked to /usr/bin, for which it doesn't have any write permissions. I found a patched .configure and .make...

This one wasn't too difficult at all (I didn't prepare at all for it beyond what we did in the TTT and prior teaching experience).

It was a good exam, and very straightforward. The simulations were excellent. I liked it more than CySA+ and CASP+ (although CASP+ was a lot of fun). It definitely helps to do it right after teaching an ethical hacking course while the tools, process, and concepts are fresh in your mind. All I...

I've scheduled Data+ for next week, and I think I'm well prepared, but there's one area I can't seem to remember from the TTT session. Is it Skippy or Jif? And is it smooth or chunky? Any help appreciated.

https://jasoneckert.github.io/myblog/linux-fun-facts/

While I've submitted a ticket for this, I thought I'd post it here in case someone else has had the same issue and there's a simple solution. I booked the 220-1102 exam on Sunday. Everything on the site worked flawlessly. Passed it Tuesday and now want to book 220-1101. But today, when I log...

I was asked by Dan (who owns a local Cybersecurity MSP called Rhyno Cybersecurity that employs our grads) if I'd be on his podcast. It was last minute (the podcast was the same day as the request), and completely unprepared and unscripted. May be worthwhile for students (my current students...

I always get asked this question in a Linux course (sometimes in others as well), and this site does a pretty good job of answering it. It covers many popular SaaS solutions as well. https://www.opensourcealternative.to/

This is a tool that was recently released - I've been playing with it today and it's quite well done and fully-featured. As a result, it'd be a great addition to a Pentest+ (or Security+/CySA+/CASP+) course. https://github.com/D3Ext/WEF

This could be a fun extra to Network+ and/or Linux+/Server+/Cloud+ for sure! https://www.dns.toys/

You can install it with "dnf install cheat" (Fedora/RedHat/CentOS) or "apt install cheat" (Ubuntu/Debian) or "pacman -S cheat" (Arch) or "zypper install cheat" (SuSE): https://opensource.com/article/22/6/linux-cheat-command

There are some great talks in there, including Jim Manico’s epic OWASP keynote: This is a great addition for any Security+/CySA+/Pentest+/CASP+ course.

This would make a good addition to the macOS topic within an A+ course (or if macOS is covered within your Linux course): https://www.apple.com/newsroom/2022/05/apple-introduces-new-professional-training-to-support-growing-it-workforce/

A while ago, I found an old Wiley Cybersecurity book from the early 90s and decided to see what has changed from then until now. I did up a short blog post on the similarities and differences here: https://jasoneckert.github.io/myblog/cybersecurity-in-the-90s/ I'm posting it here as it may make...

We had a Cybersecurity company that does managed detection and response (in addition to the regular pentesting vulnerability assessments) for other organizations do a guest talk in my class earlier today. It was very interactive and engaging, and they were able to show my class the tools and...

Outside of academia, I kube the netes as an SRE for 2 different companies in Waterloo, Canada. Kubernetes isn't easy to explore, so I did up a quick blog with something that students respond very well to (I have steps for both Windows & macOS hosts in there)...

Covering Linux, Windows, Networking, BASH, PowerShell, Python: https://tutorials.cyberaces.org/tutorials.html

If you can't run a Linux VM (e.g. Kali) to perform penetration testing in your environment, or if you have a class with limited Linux prerequisite knowledge, here's a great resource that allows you to run open source pen testing tools directly on Windows: https://pentestbox.org/