Posts

Cybersecurity: Please Try to Not Get Sued (Or Arrested)

If you are just coming into cybersecurity, pump the brakes and let's chat about how to not get sued... or worse. The Background - this message on LinkedIn from last night: Let's break this down: NMAP could be considered OSINT. OSINT is the collection and analysis of data gathered from open sources (overt and publicly available sources) to produce actionable intelligence. See Wikipedia page for categories. Doing NMAP scans on "potential clients" without permission is against NMAP terms and conditions. Unauthorized port scanning, for any reason, is strictly prohibited. You could face legal action if you perform unauthorized scanning & assessments, and jail time absolutely if you knowingly access without permission. In the comments, a student from WGU was advocating for OP: The breakdown on this one: His is misinformed. At first, I was frustrated that these two individuals, people who appear smart and passionate to network, seemed to be missing a major com

[OSINT] 3 Nights of Twint Drama Boiled Down to 4 Steps

Hey all! Quick one here. Twint does not currently work without some modifications. I fought with it for several nights and hope now you won't have to. I came across Twint during the TCM Security OSINT course and promptly was like "I'm gonna install that and play with it!" A week later, I've learned some things about installing it and have yet to play with it. This post serves to document what I had to do to get it to work. It may or may not work for you but it's worth a shot if you meet the following specifications: Kali Linux 2022.3 (with updates) The following software selection 1 pipenv I decided to install Twint via pipenv (s/o to Gray on the TCM Discord for suggestion/direction and some of the work here is theirs). It did not install via pip so I decided to install it via sudo, although if I was not on an easily burnable virtual machine I would have looked for another method (like homebrew or something). Code: sudo -H pip install -U pipenv 2 I

Stitching Together a Useful Sock Puppet Account

After finishing up TCM Security's OSINT module last week I wanted to expand upon a few topics with a little more detail. I'm starting with sock puppets since I struggled to find a comprehensive blog which had been produced in the last 6 months, especially knowing that new tools come out often/social media platforms change up so much. In the cybersecurity world, a sock puppet account is a fake account that is utilized in OSINT and other investigations to do research and even converse with targets. I have some significant experience with sock puppets and although that may make me sound like a weirdo, bear with me. I have created a number of sock puppet accounts to chat with romance scammers, I've also done reconnaissance for a number of pentests, competed in OSINT CTFs, and am just naturally cautious about people online so have utilized sock puppets in a multitude of ways for my own research. This takes us to the most import

[TCM] Practical Ethical Hacking Kickoff by TCM Security

PNPT TIME! I'm stoked to kick off the TCM Security course Practical Ethical Hacking, one of a few courses that I will be taking from the company before attempting their PNPT certification. I'm bringing in a fair amount of foundational knowledge already but think I may need some extra study in a few areas, so I'll be sure to detail those as I get to them. If you don't know a ton about TCM or the PNPT well here's a challenge to you. Check out the links, join the Discord channels available, and absolutely follow TCM/Heath Adams on LinkedIn, Twitter, Twitch, YouTube. Blowing Past the Introduction In all honesty, I quite carefully paid attention and took some notes, so don't actually blow past the first sections as some great time is spent speaking about what it will take not only to be on a red team but to succeed (and stay) in this industry. For shortness in this blog post, however, I'm going to skip into the first meaty part, Notekeeping. If Pentesting i

[THM] Phishing Emails 5 by TryHackMe

Congrats to you at the Last! Task 1 Q: What is the email's timestamp? (answer format: dd/mm/yy hh:mm) A: 6/10/2020 05:58 Open this in a different way than you may first think... I wonder what Thunderbird would make of this email? MASSIVE TIP: At the time of this post, there is a glitch. It is not dd/mm/yy it is dd/mm/yyyy. You'll need the whole 2020 (what a year, amiright?) Q: Who is the email from? A: Mr. James Jackson Again check out the email when brought up in Thunderbird. Q: What is his email address? A: info@mutawamarine.com Q: What email address will receive a reply to this email? A: info.mutawamarine@mail.com Q: What is the Originating IP? A: 192.119.71.157 Q: Who is the owner of the Originating IP? (Do not include the "." in your answer.) A: Hostwinds LLC Q: What is the SPF record for the Return-Path domain? A: v=spf1 include:spf.protection.outlook.com -all I love MX toolbox, partly because they make such useful tools for

[THM] Phishing Emails 4 by TryHackMe

 Welcome again, we're getting close to finishing this one up!   

[THM] Phishing Emails 3 by TryHackMe

Great Work Getting Here!  I've got a few more posts to slam on out so I'm going to jump right on into this one.