Archive for Tools

New Great Tool – Web Hacking

I am trying to focus on both Web App Security and Threat Intelligence for the next few months.  I would love to work on bug bounties in my spare time, but I am not a programmer and know only just enough web app development stuff to do my job.  That is, I have a base knowledge from my certification studies (and lab work), and from running Burp Suite for pen testing, but I don’t feel ready to participate in any type of bug bounty programs.

So far, I have only signed up for a couple of Udemy Classes and purchased the book that was recommended,  The Web Application Hacker’s Handbook:  Finding and Exploiting Security Flaws, 2nd Edition.  But I was looking around the bugcrowd website  this morning and found a site I love.  Hacksplaining is a great resource and should be included in your learning list if you too need to get up to speed quickly.  The site is awesome, and super easy to follow.  There are pictures and walk-thrus and is really a great way to learn.


A Crazy Security Kind of Day

Today I had a plan for learning.  I was going to spend a couple of hours this morning (in whatever chunks my regular work projects allowed) on learning Python and a couple this afternoon doing some Web Development learning and building since I am trying to cram both into my brain as quickly and solidly as possible.  HOWEVER, it did not turn out that way.  I had a much more interesting day, and in hopes that I not forget anything that happened, I decided to document it here.  I am afraid all this will prove is that i for sure have a healthy dose of Adult ADD.

I should have known it was going to be a super special interesting day by the wild tangent of a podcast I started with on my drive in.  I have been obsessing this week on the CodeNewbie podcast, listening to episodes in no kind of order other than what sparks my interest at the moment (dangerous, I know).  It was a good episode, but the best takeaway for me was Zen Pencils!  Have you seen this?  You MUST check out this amazing cartoon if you haven’t, for me, it was life changing.

After printing off a few inspiring cartoons to plaster the walls of my cube with, I was able to work through my second round on chapters 13-15 in Learn Python the Hard Way and the next section from my Automating OSINT Python course before I was off to a really interesting webinar on ransomware that was sponsored by a CISCO user group in my area.  I expected the content to be more, techy, I guess, but it was still really interesting.  I finished that and was off to work on some other work tasks.

I am now back at my desk with a break and find myself Googling the speaker from my webinar and find his super cool site The Dark Knight.  I read that and then remember that he talked about some resources that helped him break down what was happening with his clients who hired him to help with ransomware.  That took me over to the SUSE site to read a really cool breakdown of hexdump and how to see the insides of a document. . .see . . . isn’t it kinda cool!


And suddenly I am in love with tech again and remember why I got into this “career” in the first place.  Now, if I could just find a tool to keep me focused on learning one thing at a time so I could actually feel like I am moving forward that would be great.