Archive for the ‘Ramblings’ Category

Rising from the ashes?

Saturday, August 29th, 2015

lets see.. been awhile eh?  I have switched jobs, lost, gained, then lost weight again and a bunch of other things.

I guess I will once again to attempt to blog my progress on the internet of things…

today.. configuring a VPN.. tomorrow the world?

Groupon and food

Tuesday, March 4th, 2014

I love my children but they have seriously dipped into my eating out fund.  A great way to cut my spending when I want to eat out is only eating at restaurants featured on Groupon and Living social. 

The Groupon cost $15 dollars doe $30 dollars worth of food. Which basically paid for my meal.  Only had to pay for the rest of the family.

The restaurant was awesome.  It wasn’t snooty at all.  The restaurant owner even came out and danced with the kids as they listened to live guitar music!  The food was awesome.  If you know me you know that I usually have something to complain about.

SSLv2 on Kali

Saturday, November 2nd, 2013

So for awhile now checking for SSLv2 on Kali has been a pain.  Openssl would crash so I assumed that it wasn’t there.  I would get TLS V1 SSLv3 when I just ran Openssl -connect to see if it is there. Apparently it was just broken and here is the fix.

 

http://blog.opensecurityresearch.com/2013/05/fixing-sslv2-support-in-kali-linux.html

My first in person CTF!

Wednesday, August 14th, 2013

This past weekend I was apart of a CTF in Annapolis Junction, Maryland.

https://www.altamiracorp.com/ctf

We didn’t win which kinda sucked but that wasn’t the reason why I joined the team.  I was there for the  experience.  I wish it was a better experience.  The rules weren’t very clear so by the time we figured out what we SHOULD have been doing it was way to late in the game.   I did get a challenge coin out of it which was cool.  I also got 3 cans of red bull.  I am going to be doing more of these CTF’s because they seem to be a lot of fun.  Especially with the right team.

Vulnerability Scanner can also have vulnerabilities

Wednesday, August 7th, 2013

Products like nmap and Nessus are a Ethical hackers best friend.  We use them to narrow down potential vulnerabilities in websites and networks.  We are reminded eventually that those too  can have vulnerabilities in them.  Today we find that has them.

This is also a good reason to make sure that testing on these applications are done in a safe lab environment before introducing them to client environments.

http://seclists.org/fulldisclosure/2013/Aug/67

Happy New Year!

Saturday, January 5th, 2013

The end of the year has been one of the most insane times of my life.  I gave birth to two healthy baby boys!  We survived dooms day AND the fiscal cliff.  I have a few things I want to do while still on maternity leave.  One hook up the momma mobile with a new stereo system.  I also want learn python and get into some hardcore studying for my GPEN.

Week 36 Pregnancy with twins

Wednesday, November 14th, 2012

So..

I have made it to week 36.  This means the boys are due at any time.  I am currently on maternity leave and very happy for it.  I don’t have to focus on anything but me and the boys. I thought about making another blog to record my journey as a twin mom to be.. but then I changed my mind.  I am way to scatter brained to do that lol.

Updates again I suppose..

Tuesday, August 7th, 2012

So,

I am now 22 weeks pregnant with twin boys.  I still need to work on my GPEN. I am also currently coming up with ideas to assist me in finally beating my fear into the group and learning how to code.  I have chosen python for many reasons. For some reason I can figure out a program, it’s inner workings, but when it comes to developing.. well.. I would rather break it.  :D.

Burp Suite Framework you say!

Tuesday, August 7th, 2012

James Lester & Joseph Tartaro: “Burp Suite: Informing the 99% of what the 1%’ers are knowingly taking advantage of

Burp Suite has created a name for itself as arguably one of the go-to weapons of choice for web application pentesters, but one of its best features is consistently being ignored: the ability to append or modify functionality through the use of burp extensions. Extensions as a feature have introduced users to numerious possibilities, and have given opportunities to easily develop functionality that’s necessary to complete required test related tasks. With all that is available through Burp extensibility, why have we not seen its users contribute functionality to the same degree as community driven projects such as MetaSploit or the Nmap Scriptability Engine? In this presentation, James Lester and Joseph Tartaro will debut their campaign, which focuses on building demand, support, and an overall desire around the creation of Burp extensions in the hope of bringing extensibility to the forfront of web application testing. As a team, James and Joseph will begin by outlining the current demand, capabilities, and limitations while introducing up to a dozen extensions they created that presently utilize all current accessible functionality within the extensibility suite. Along with the release of these extensions, a campaign will be presented to organize and develop an extension community that documents tool primers, lessons learned, and tips/tricks, along with hosting extensions and tools catered to Burp. As a team, Joseph and James will showcase the benefits to their approach, which include increased efficiency and a simplified way to write new scripts. During development of this talk, James and Joseph took into consideration that re-use is a key factor and development techniques were used to help test user adaptation. Something learned isn’t research until it’s shared, and they plan to put this statement to practice utilizing B-Sides as a perfect tool to help collect data, convey interests, and share results.

BSides Talks from Las Vegas 2012

Tuesday, July 31st, 2012

Irongeek has been nice enough to put all the talks from Las Vegas on youtube.

http://www.youtube.com/playlist?list=PL6BDB3C7E02162BAB