Tonight’s training was all about scanning & enumeration. Covered the basics like using Kioptrix, scanning with Nmap, enumerating HTTP and HTTPS, enumerating SMB, enumerating SSH, and digging in deep to find appropriate/potential vulnerabilities. Another great day of work in the books.
Today I spent a few hours prepping for the Practical Network Penetration Testing certification.
Today’s course material focused on Reconnaissance. Topics included Passive Reconnaissance, Identifying the Target(s), Discovering Email Addresses, Gathering Breached Credentials with Breach-Parse, Hunting for Breached Credentials with DeHashed, Hunting Subdomains, Identifying Website Technologies, Overall Information Gathering with Burp Suite, Google Fu and everyone’s favorite Utilizing Social Media to find out about all of your friends and neighbors – should be highly informative.
But first! To get my mind right I was able to hit the gym again🤙🏽 — today’s training was:
Upper pressing and scapular stability work
A1. Strict shoulder press – 2 x 10 warm up sets with an empty bar – then 15, 15, 15; rest 0
Over the last two weeks Ive been doing my best to balance my undergraduate work, my non-existent weightlifting, Wing Chun, BJJ, Jeet Kuen Do (I refuse to continue cosigning to the universal misspelling of the romanization of fist or style of fighting which in Cantonese is kuen vs kune), Thai boxing, and my actual job as a cybersecurity sys admin. Something else Ive added into the mix over the last two weeks is adding in some google education system admin training. I’m happy to report that over these last two weeks I have been able to earn the Amplified Admin Security Specialist Certification for the of us who, at least in a small part, work in the Education Google Workspace Admin arena. It’s an advanced-level, security-specific training for Google. The training built upon the foundational and advanced Amplified Admin Level 1 and 2 courses. It provides a comprehensive understanding of cybersecurity risk factors facing EDU leaders and how to appropriately mitigate through setting configurations.
Next up is Heath Adams’ Practical Network Penetration Tester certification. The #PNPT cert covers Practical Ethical Hacking, OSINT Fundamentals, the External Pentest Playbook, & Linux + Windows Privilege Escalation for Beginners. Once I can get this and just a few more certs under my belt I’ll be able to relax and maybe even take a vacation soon. But who knows, we’ll see 😉
Iraqis say they won’t be mourning death of former US secretary of state who oversaw catastrophic invasion of their country
‘He lied’: Iraqis still blame Powell for role in Iraq war
By QASSIM ABDUL-ZAHRA and ZEINA KARAM
“It’s crucial to remember just how important Colin Powell was to selling the Iraq War, and how deliberately he used his public credibility to boost the lies that pushed us into the war. That is his biggest legacy.”