Primz
Active Members-
Posts
89 -
Joined
-
Last visited
Profile Information
-
Gender
Male
Recent Profile Visitors
1,620 profile views
Primz's Achievements
Newbie (1/14)
-
Stop spamming the forum dude
- 1 reply
-
- penetration
- testing
-
(and 6 more)
Tagged with:
-
Not possible as of yet.
-
Ok have only skimmed over all the above but just want to throw in my 2 cents. Dos and donts really. Skype is hugely penitratable, if you have a used laptop you should completely reformat it, if you have a company laptop and have been sent malicious links via mail then it's a result of your company's exchange filter of what gets though so the fault is in then, have you been using this laptop for downloading music, movies, any torrents ect? If so you could have downloaded a RAT without noticing (remote administration tool), have you been opening up any word or excel documents that have macro attached? There is so many routes to gain access the list does go on. But if your company wanted to actually look into the mater legally they would need to send it off to a data forensic company for review, any inhouse reviews are just the first step. Personally if the company is at fault and didn't secure the network or hardware you work on remotely then the fault is with them. Even if you was using the internet to download all sorts it's still in the company's interest and legally tender to keep all info secured properly and a leak of data to a minimum of a breach has happened. So it is a hard one to say tbh I would love to put your mind at ease. Maybe a side not tho. I once got contacted by a company looking for a security issue they had, long story short there was unknown logins to the company's cloud remotely, 1 week of full scanning checking and poking about and it turned out that the IT manager forgot his laptop charger and decided to log into the cloud from a Internet cafe in London...... there was the security breach lol. He was at fault in one way but again he didn't lose his job. So if we being really honest here and you know you not done anything silly or anything then, you go to your meeting, look them in the eye and say, this is no known fault of my own, before any hearings I would like a data forensic team to look into this security breach as I believe I wasn't negligent and this is a internal company security matter. Hope all goes well let us know how you get on
-
Well hello everyone...... has been a long long time. Sorry for the absence but work, family and life in general does get in the way sometimes. Anyways to the point for the last 3 years have been going about my pentesting career and lately have been involved in the R&D on a new network auditing and monitoring suit of tools. They are not letting off much at all on what they are working on but have said it's a network tool and they have given me a feedback form or should I say book of forms and the bulk of it is them asking what arsenal of tools/features would I want to see if I could make my own product for my own network? Good question to be honest as this is something I've not really thought about. As I use metasploit in pretty much all of my pen tests, I only really look at it from one side of the fence and again use the same steps for all my pen tests to be honest apart from the odd tweak here and there if needed. But from a network managers point of view what would they want and what tools would they want to encompass for network monitoring, pattern detection, network A.I, port and device scanning, traffic info, exploit testing, sql scanning, auditing and reporting in real time ect, credential security ect you name it. So so being blunt, not for you guys to do my homework for me but if it was your network and you had a tailor pick a suit of tools (open source) then what would they be and why? Primz
-
SOunds like the start of a new hacking tv spin off show :) By day he pours coffee and by night he cracks servers :) Am only playing. Personly i think the possative attitude is most of the struggle as with pen testing network security things change very quickly and what nce worked today might not work tomorrow. I would say go for the smaller CONs tbh as like others have said its all about networking, regardless if your a begginer or a expert its all networking. I would also say take a look at a Kali course as for myself this really did open my eyes to a lot of things, and my skill level would not be anywhere near as it is now if it wasnt for OSCP, but again there are many other courses paid or free available just have to look and do your homework. As for a job in IT, what do you mean? As a job in IT can be anything from sales, account managment, IT manager, systmes manager, engineer, help desk, CRM. the list really goes on. What i think you might of ment is a job at network security / Pen testing and in that case i would say the above. Smaller CONS, mingle with the crowd and network, educate yourself in a area or areas you have interest in and take if from there.
-
Sweet. Thanks for the reply seb Primz
-
Newbi3 thanks for reply dude. Am just about to order myself the tetra today as it's my birthday and if I don't treat myself then no one will ;) so all the code for each module is on the pineapple where I can read modifie it of needed? Primz
-
Hi all just a quick one, maybe I'm not looking in the right place but where is the best place to look to find all the code for each Tetra Modules that's available on the pineapple? Primz
-
Yeah iv been wondering something similar myself. Is there somewhere I can find the modules for the pineapple to play around with the code and where I can find other modules that the community is working on for Kali and the pineapple?
-
Yeah the size factor of the nano is appealing but if purchased it will be part of my tool kit for pen testing. To be honest I do like the pineapple but with the markV I found it really just a mitm box so I hope the tetra put a bit more out than that tbh. From the way it's looking I think it's going to be the tetra and obviously at somepoint will get the nano but we shale see Going to hold off until the end of the month as decide then.
-
Hi all, hope everyone is having a good weekend. So I have been away from the forum for a while. Work, family and life in general. But while I have been away iv noticed in my absence the Hak5 team have popped out a few new pineapples so before I impulsively spend nearly $400 + shipping on both the new devices I was wondering is one better than the other? What would be the best device to get if I had to pick one? The tetra or the nano? Also how does the new devices differ from the MarkV? Is it just the hardware spec that is juiced up or is there more modules or better way of use? Personally I loved the Mark V as it opened up the doors for me to have an interest in Kali Linux and take a kali course and now am starting out in pen testing as a professional career but mostly tbh I only really used the pineapple for mitm attacks everything else was done via Kali. So I ask myself and the community this what one would you purchase is you had the choice of only one device? The Tetra or the Nano? Let me know your honest thoughts as my money rests app-on this vote. :) Primz
-
Hello all, hope all is good as can be. Long story short was just about to pay a immense amount for a phantom4 drone (£1250) (birthday present am not rich yet) and thought for that price I think the bulk of that money would be mainly the camera and controller as the spec of the phantom4 is generally standard with the added feature of flight awearness and obbstickal awearness and some pretty cool other trackong features but for that price I personally think I can build my own. I know some people who are a bit crazy and spend most of there time flying RC planes and helicopters and from their personal experience building a drone is not as tricky as you would think. I have had my eye on a fixed wing drone called the disco for a few months now but don't think it comes to market until the end of 2016. So do I wait for this disco fixed wing drone or do I get the phantom4 or do I make my own. Granted my own made drone will not be as swanky as the others that are on sale but the challenge and the fact that I would have built it myself sounds so rewarding. But if I do build my own drone I would want to go down the fixed wing route. Any ideas or thoughts? Primz
-
Hello all long time no postie. Have been away for abot but have noticed in my absence the Hak5 crew has turned out a few new pineapples so thought il pop my big head back in and see what the fuss is about :) Long story short I started with a wifi pineapple before I even took my first kali course so without the pineapple my pen testing days wouldn't have even have started so props for that, only thing is all my work is mainly done via Kali/metasploit and yeah the mark v was great but for me mainly it was just a mitm box everything else was Kali or metasploit. So am wondering other than the spec of the new devices what will make me spend nearly $400 on both devices and will I be able to do more than mitm attacks? Will it in some time incorporate metasploit as tbh if the pineapple and metasploit had a night of passion the off spring would be amazing!! Any thoughts and opinions would be great as it's either this or a new drone ;)
-
i think its a way the show can get a bit of free publicity. Bit harsh to everyone involved imho as like cooper said believe it or not these things happen on a daily basis, if we know about it or not they happen sad to say, was just a added factor that they was a TV filming crew in the middle of a live broadcast. My humble thoughts go out to the friends and familys and everyone that was involved. But more to the point fucked up for Mr Robot to be poking their noes in and getting some free publicity out of it. im sure the wrights didnt predict this event happening so tbh i dont get it other that for free publicity