#hack100days I fell down and broke the chain. Watched Nahamsec's Live Recon Sundays session today with Stök and JHaddix where they interviewed @lilc. That was fun and a good reminder to get back at it. Got to run some errands and then back at it tonight. #infosec
@Lucertola Warm buns are the happiest buns.
@Ishihara https://giphy.com/clips/justin-no-nope-dr-evil-GL4TnGWCCIC4XCMfAe (At least from me. For the time being.)
@Amyfb A lot of them are public. I'm not certain about the slides.
#hack100days Day 6: Virtually attended SANS CloudSecNext Summit, day 2. Some good presos. Site capturing all the links: https://start.me/p/7krAd2/sans-cloudsecnext-2022 Today's keynote was good. Emerging Threats Against Cloud Application Identities... was a good preso by Basseri and Bercik. Found a pointer to http://kubebyexample.com, so off to that site to get basics down before re-trying Kubernetes Goat #infosec
Link to Sounil Yu's slides: https://sansorg.egnyte.com/dl/UdfWs2kXbO
#hack100days Day 5: Virtually attended SANS CloudSecNext Summit. Really good Keynote by Sounil Yu (https://youtu.be/mEGqC1tuO4E). Also saw a preso on K8 security by Jay Beale.
#hack100days Day 4: Installed k8s on Ubuntu lab box. Downloaded Kubernetes Goat (https://madhuakula.com/kubernetes-goat) to install later tonight or tomorrow. I wish to grok the networking better. #k8 #infosec
#hack100days Day 3: Reviewed shub's (@infosec_au@twitter) slides (https://drive.google.com/file/d/14OFU-B2CqnrNlMX9jis1ApRIAOlJNfbW/view) from NahamCon 2022 re: Finding 0days in Enterprise Software. I did not know Lotus Domino was still a thing. #ssrf #infosec
@Jeber I suspect the other two are a little more user friendly and are more interoperable with Winderz. I wish it were more front and center as an app on iOS.
@Jeber Been using Apple Keychain across Mac and iOS for years and it's worked well.
#hack100days Day 2: Listened to @jhaddix@twitter talk about his #bugbounty methodology at NahamCon. Lot of good tools and some advice on things to pay attention to during enumeration. Need to re-watch and take notes--play with some tools. (Also was up to wee hours this a.m. working NahamCon ctf) #infosec
@safesecs Contemplating a sabbatical. The family CFO is on-board. So, if one of my career pings comes back with a type-mismatch... It'll be time to adjust the sails.
#hack100days Day 1: Enumerate targets in a web application CTF. Explore potential sqli points. Look at SSTI for Werkzeug. Look at SSRF candidate. (dafuq is a gunicorn?)
Making a run at 100 days of hacking. Not setting a super high bar. Minimum, critically read a security article and take notes. Max, hands on keyboard and write/edit a script, hack on a ctf or lab box, work on a hacking workflow. #hack100days
@ianthealy True, there are no ads.
I'm using #pihole to 86 ads, which makes counter.social sad and warn me stuff isn't going to work. Anyone take a crack at making CS unsad? I looked at the logs and don't see anything getting blocked. #dnssinkhole #adblocker
Looking for all the #infosec #cybersec and #bugbounty peeps. Hope to see more of the folks I follow on other platforms make it over here. Uffda!
I'm hacking away at #hackthebox Dante pro lab. I've gotten a foothold and now working my way through the boxes behind the dmz. #htb
Muddling through.