I passed the certifcation y'all! Thank you to my supportive and advancement cheering SOC, Infosec Team, and Family. I wouldn't have been able to do it without
each and every one of y'all. I love you and appreciate you more than you will ever know.
I've completed reading the books multiple times. My index is almost done. The goal is to not use the books...too much. I got through the practice without em.
After the exam I will share my index and method for study given no issues like failure come up.
Update: Index is now available via hyperlink above. Each color corresponds to the book-day that contains the entry. The Index document is in NO WAY a relfection
of the amount of information provided from the SANS instruction and/or books. This is simply an index of information that I way need to reference come certification test
time. With that being said.... your Index should be 4-5 times bigger IF you don't have a good amount of the information stored in your brain. My Index will continue to be
updated until the test is complete. Peace.
In the realm of cybersecurity, having a robust toolkit for web application security assessment is crucial. Here are some of the most effective open-source tools that can help infosec professionals identify and mitigate vulnerabilities in web applications.
1. **OWASP ZAP (Zed Attack Proxy)** - A popular tool maintained by the Open Web Application Security Project (OWASP). - Features automated scanners and a set of tools for finding security vulnerabilities in web applications. - Suitable for beginners and advanced users.
2. **Burp Suite Community Edition** - The free version of the Burp Suite from PortSwigger. - Includes essential manual testing tools. - Can be extended with plugins to add more functionalities.
3. **Nikto** - A command-line tool that scans web servers for vulnerabilities. - Detects outdated versions of web servers and identifies various security issues.
4. **Wapiti** - A command-line tool that performs black-box scans of web applications. - Scans for a variety of vulnerabilities, including XSS, SQL injection, and file disclosure.
5. **Arachni** - A feature-rich, high-performance web application security scanner framework. - Supports both command-line and web interfaces. - Extensible with custom scripts and plugins.
6. **Vega** - A free and open-source web security scanner and testing platform. - Includes an automated scanner for quick assessments and a proxy for manual testing.
7. **W3af (Web Application Attack and Audit Framework)** - An open-source web application security scanner. - Combines black-box scanning with a variety of plug-ins for different types of vulnerabilities.
8. **OWTF (Offensive Web Testing Framework)** - Aimed at making penetration testing more efficient. - Integrates with other tools and automates many testing tasks.
9. **SQLMap** - An open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws. - Features a powerful detection engine and many niche options for the ultimate penetration tester.
10. **Metasploit Framework** - While primarily known for exploitation, it includes tools for web application scanning and exploitation. - Extensible with a wide range of modules for various tasks.
These tools can help in identifying and mitigating security issues in web applications. Always ensure to use these tools ethically and only on systems where you have explicit permission to test.
So I fixed it without modifying the hardware. The IP is the IP address of the Poweredge server. Username and passsword
are those setup for iDRAC. Yes, I-DRAC @ home. Pro Tip: | Have a homelab that allows you to test what you 'might' want to implement at work.
Group policy updates, pushing network scripts, etc can all be practiced in the safety of your own env... because of the advances of technology
[cheap enterprise hw@home].
It comes down to life choices based on what is considered important. In grade school I traded my holo-pokemon cards for $. $ I used to buy a ugly-funky-wobbly thinkpad then taught myself from that day on. YOU CAN BE AWESOME IF YOU FOCUS! "No time like the present". Ok, i'm done. Read up.
##Fan control enable##
ipmitool -I lanplus -H 192.168.1.209 -U root -P PASSWORD raw 0x30 0x30 0x01 0x00
##Make the fans silent @ 20%##
ipmitool -I lanplus -H 192.168.1.209 -U root -P PASSWORD raw 0x30 0x30 0x02 0xff 0x14
I'm in study mode for most of this week and will not be able to assist much. As always, feel free to send me your inforsec questions. GIAC GCIH soon hopefully!
The DJi Mini 2 SE has a huge flaw. The camera gimbal is flimsy, comes apart easy, and costs approximately $80-120 to have repairs "professionally done.
I opt'd to design a mount that attaches to the oem location under the gimbal dampener mount and provides the stability required while allowing for full travel of movement in every direction.
As you can clearly see I am many many MANY versions in and am not sure where this will end up. Best of luck to myself.
Printing another one...
Version 3.0~ish. Seems pretty weak. Decent concept to improve on though.
In the digital realm, where circuits hum,
Dwell minds unique, where thoughts do come.
In the cyber sea, where bytes align,
Lives a world where differences shine.
For some, the dance of social grace,
Is a labyrinth, a daunting space.
Neurodivergent souls traverse,
Navigating with minds diverse.
In pixels and code, they find their home,
Where judgments fade, and they can roam.
Yet, in the dance of human interaction,
They may find challenge, a subtle distraction.
Misunderstood, they often feel,
As social cues, they struggle to reel.
In the whirlwind of conversations fast,
They may find themselves outcast.
But let us pause, and take a glance,
Beyond the surface, give them a chance.
For in their minds, brilliance gleams,
Innovative thoughts, vibrant dreams.
Their quirks and idiosyncrasies,
Are part of what makes them, if you please.
So let's embrace their unique way,
And make room for them in the cyber fray.
For in understanding, we may find,
That differences enrich humankind.
So let's build a world where all belong,
Inclusion, acceptance, our hearts' song.
Hide my plaques inside the closet, I just can't explain it.
Actually I can. It's life. In life new accomplishments mean more to me. Also, there isn't much space for all that noise on the walls. It is motivation, for the kids, to keep pushing.