2015-12-17

90 days in - Update

90 days in lab experience: 13 machines owned, a couple on their way...

I've renewed my lab time another 90 days. I plan to go through the material and videos a second time and write up the exercises.

Huge learning experience for me, scripting and being able to read different code is important. Also, think simple. Sometimes its the little things that make a system vulnerable...

2015-09-28

Penetration Testing Resources

Free Penetration Testing Resources
If you are taking the PWK/OSCP, then you are expected to aid your studies with additional resources. Check out the following...

NIST - Technical Guide to Information Security Testing and Assessment

ISECOM - Open Source Security Testing Methodology Manual (OSSTMM)

PCI Security Standards Council - Penetration Testing Guidance

Penetration Testing Execution Standard

Penetration Testing Framework

SANS Penetration Testing Resources

Cybrary.it has many free videos and resources on many information technology topics from networking to linux and virtualization and lots more!

Cybrary.it - Penetration Testing and Ethical Hacking

Cybrary.it - Advanced Penetration Testing
Slides from Cybrary.it - Advanced Penetration Testing

SecurityTube.net - Like YouTube, but Information Security!

IronGeek.com - Adrian Crenshaw has been recording Information Security conferences forever and uploading the videos to his website and YouTube Channel. Thanks!

Open Security Training

Offensive Security Metasploit Unleashed

Open Web Application Security Project (OWASP) Testing Guide


Penetration Testing Resources that cost CashMoney
If you have the funds available, I recommend purchasing the following:

Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman. I purchased this book, because I had the pleasure of seeing Georgia Weidman present the SmartPhone Pentest Framework (SPF) at AtlSecCon 2013. She also teaches the Advanced Penetration Testing Course at Cybrary.it. She knows #infosec...


*** I'll keep adding things as I find them. Last Updated: October 13, 2015 ***

2015-09-23

Offensive Security PWK & OSCP #yolo

I am taking the Offensive Security Penetration Testing with Kali Linux (PWK) course in preparation to schedule and eventually take the Offensive Security Certified Professional (OSCP) 24 hour hack-all-the-things challenge.

Offensive Security


I think I am in over my head... But I am and will TRY HARDER. I plan to post some notes on the experience as I go, check back for updates.

About PWK and OSCP
These guys make Kali linux, nuff' said...

Offensive Security Penetration Testing with Kali Linux (PWK)

Offensive Security Certified Professional (OSCP)

Offensive Security is a great company that supports many information security communities and events, check them out!

2015-03-07

Information Security Events and Groups in Atlantic Canada

Atlantic Security Conference (AtlSecCon)
The only security conference in Atlantic Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines.

Halifax Area Security Klatch (the HASK)
The Halifax Area Security Klatch (HASK), provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.

Our membership includes Information Security practitioners, managers, network administrators, students, and anyone who is interesting in learning more about securing information.

We meet at the Halifax Club in Halifax, Nova Scotia. Typically, we meet the last Monday of the month except for March, June, July, August, and December; unless otherwise notified.

Security B-Sides Cape Breton
What happens when many high quality information security speakers don’t get a chance to speak at the BlackHat Briefings Conference in Las Vegas? You make a new, more inclusive conference! 

B-Sides is a template conference design powered by grassroots organizers, has spread to dozens of cities in several countries, and it is Cape Breton’s turn this fall. The community of researchers, academics, professionals, and enthusiasts who attend, organize, and speak at these nonprofit conferences customize the atmosphere and dialogue in each city, but the sense of collaboration exists at each location. 

Intimate educational talks are the start of quality networking and interaction between participants and speakers and B-Sides Cape Breton is seeking exceptional speakers, both seasoned and new.

Our guests come from all over the country, but you don’t have to be an industry professional to attend. We encourage anyone interested in learning more about information security to join the conversation.

Atlantic HTCIA
The HTCIA Atlantic Canada Chapter consists of members from the four Atlantic provinces:
  • Nova Scotia
  • New Brunswick
  • Prince Edward Island
  • Newfoundland
The High Technology Crime Investigation Association is composed of 8 regions within the United States and 6 international regions, including Canada. The Atlantic Chapter is one of five chapters in the Canadian region. Internationally there are 38 chapters overall.

Moncton Area Security Klatch (the MASK)
The Moncton Area Security Klatch (MASK), provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.

Our community seeks to involve Information Security practitioners, managers, network administrators, developers, students, and anyone who is interesting in learning more about securing information.

The MASK will be a monthly event, at a soon to be determined venue. Each invent will include, but not limited to:
  • Social time & networking to meet and discuss with other enthusiasts (Appetizers and drinks included, thanks to the sponsor)
  • Vendor sponsored presentation
  • Presentation done by MASK member
BSides is an open platform that gives security experts and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with others in the community.  It is a rare opportunity to directly connect and create trusted relationships with key members of the community.

St. John’s is located along on the East Coast of Canada, on the northeast of the Avalon Peninsula in southeast Newfoundland. It is the most easterly city in North America.