#hack100days: day 74 : (D'oh. Yesterday was actually day 73.) Restarted the CRTO modules. Signed up for the lab. Working through the material and building out notes for the exam. #RedTeam #CRTO #GetSmart #CoSoSec
#hack100days: day 72 : (yesterday I watched soccer.) Finished up the CRTO modules. Time to sign up for the lab and go through it again. #RedTeam #CRTO #PrimumNonNocere
#hack100days : day 72 : CRTO today. Eighty percent through first pass. Goal is to get through it over the weekend and start hitting the lab next week. #RedTeam #CRTO #PrimumNonNocere #CoSoSec
#hack100days: day 71 : Moar #powershell! Sorted a couple of functions. Figured out how to create an object to store the data in and to spit it out as a json "blob". Need to focus on getting the first MVP done and worry about edge-cases later.
#hack100days : day 70 : Today was a day of json and powershell. Took a different approach than I usually do. Started with laying out a json schema for all the data elements I want. Then backed into into functions and code. I've coded in ksh and bash for so long, I'm more used to doing the functions first. This is more interesting, because now I hunt for LOLBAS to get the data. #redteam #LolBas #CoSoSec
@DLoIndustries "I wish I had a pencil-thin mustache..." https://youtube.com/watch?v=H8W82ZdPfdo&si=EnSIkaIECMiOmarE
#hack100days : day 69 : Forgot to post last night. Watched @[email protected] @[email protected] "Newbie Tuesday" stream. Biggest take-away was older Logitech wireless devices speak wifi. So, "BadUSB"/RubberDucky is in-play during physical tests: https://github.com/insecurityofthings/jackit/tree/master/jackit #redteam #CoSoSec
#hack100days : day 68 : Watched some #rust videos by @valhalla_dev@twitter/@[email protected] Watched him go over some chapters out of the Rust Book and a couple of videos on malware dev. #redteam #GetSmart #CoSoSec
#hack100days : day 67 : Read another chapter #rust. This one hurt my brain and will need to be revisited. #getsmart
#hack100days : day 66 : Took a crack at #HackTheBox new release, Inject. I've gotten rusty. #CoSoSec
#hack100days : day 65 : Kept chipping away at _Rust_Programming. Took at look at Defender and Advanced Threat. Created a query for finding admin users modifying registry run keys. I'm a fan of the 'project' command to grab only the columns I care about. #GetSmart
#hack100days : day 64 : read another chapter of _Rust_Programming_… Site visit today, learning and relearning about processes and tech used to make the firm money. Thinking hard about attack paths and drafting possibles exercises. #redteam #getsmart #CoSoSec
#hack100days : day 63 : Lots of context switching today, articles, newsletters, and such. Going to unplug and finish another chapter of _Rust_Programming_Language_. #GetSmart #CoSoSec
@Rowdy On the iPhone, there's a per-app permission in settings. I assume there's a similar setting for Android. Maybe under some Privacy-type category.
@Rowdy A friend emailed about a similar situation and asked "how". Digging around the settings of my phone, I discovered the gmail and google apps had access to my phones microphone. No need for that, so I turned that off. So, check out the smartphone permissions for the microphone.
#hack100days : day 62 : Wasn't up for it yesterday, took a sick day. Did some poking around at a recent CVE. This led to another thread, though. Something that could lead to finding weird... Look for instances of the Windows process WerFault.exe starting. What was the parent process? What was the user id for the process? You may find something that is well broken and needs fixing--that cleans up log files--or something that needs further research. #ThreatHunting #BlueTeam #CoSoSec
#hack100days : day 61 : Another light day. Read articles and another chapter in _Rust Programming Language_--was reminded to keep up on that via link from a @thegrugq newsletter to @buttplug.io (@twitter) thread, leading to @m_ou_se@twitter presence talking about her book _Rust Atomics and Locks_ (which is available at https://marabos.nl/atomics/, so I have some more reading and coding to do... #GetSmart #Rust
#hack100days : day 60 : Another section of CRTO done. Learned more about MSFT's Data Protection API, which was new to me. Otherwise, it was light today. #GetSmart #CoSoSec
Muddling through.