• How To,  Information Security

    How to check if a link in an email is malicious

    I’ve always told family and friends to never just click on a link, received in email, whatsapp, sms wherever. They always ask “how do I know if the link is malicious”? In this video I show you some red flags to look out for and where you can verify these links. Remember, if you did not expect the email then it probably is not 100% legit and you need to be always verify links. It is very easy to fake a sender and I will do another video on how to check that. Here’s the links to the sites I most commonly use to check links and files: Virus TotalPalo…

  • Uncategorized

    Hard work pays off

    As the title and cliche says, hard work pays off and I can vouch for that. It’s been a lot of work, studying, practice and networking but at last I am working in an Information Security role. I’ve been thrown in to the deep end, but that’s what I like, sink or swim. I have already learnt so much more since I started in my new awesome team. It goes to show, you will achieve your goals if you work hard, believe in yourself and take any failures as stepping stones and experience rather than as failures. I have not reached all my goals as yet, I am still working…

  • News

    2023 Update

    2022 has been a busy year with work and studies. I wrote and passed the Security+, AWS Certified Cloud Practitioner, Palo Alto’s PCNSA and updated my M365 Certified Security Administrator Associate certification. This year I’m focusing more on the Red Team / penetration testing side of things. Currently I am busy studying to write the CCNA and then the medium plan is to write and pass the CPTS, PNPT and OSCP this year depending on time and budget. I will also be posting a lot more TryHackme and Hack the Box walk through as I work through those. CTF competitions are also high on the to do list for this…

  • Try Hack Me Walk Throughs

    Try Hack Me – Pentesting Fundamentals Room Walk through

    The room can be found here. Penetration Testing Ethics: “You are given permission to perform a security audit on an organisation; what type of hacker would you be?” Answer: white hat 2.“You attack an organisation and steal their data, what type of hacker would you be?” Answer: Black Hat 3.“What document defines how a penetration testing engagement should be carried out?” Answer: Rules of Engagement Penetration Testing Methodologies: The stages are Information Gathering (OSINT), Enumeration/Scanning. Exploitation, Privilege Escalation, Post-exploitation (sub-stages: pivoting, gather additional information as a privileged user, cover your tracks, reporting) OSSTMM – Open Source Security Testing Methodology Manual OWASP – Open Web Application Security Project NIST Cybersecurity Framework 1.1 – National…

  • Python,  Tkinter

    import Tkinter does not work in Python 3

    I am busy working through an older book called Tkinter GUI Application Development HOTSHOT by Bhashkar Chaudhary but the book is written for Python 2.7 I am using Python 3.10 and some of the statements in the book does not work for Python 3 so I will be posting the changes from time to time. The first issue I stumbled on is the import statement to import Tkinter. From the book you need to import it as:import Tkinter and this does not work in Python 3. in Python 3 use import tkinter (without the capital T) The test in IDLE as per the book will also fail for Python 3.The…

  • Information Security

    SANS New to Cyber Summit

    SANS Institute is running a free summit called New to Cyber Summit from tomorrow which you can register for here.They are also running two CTF events, one for beginners and one for more experienced people. Two tracks will be running namely the Career Planning track and the Skill Building track. Some of the talks I am interested in are: Network Basics Introduction to Security Architecture Job role spotlight: Incident detection and response Intro to Social Engineering Infosec Snake Wrangling: Intro to Python The nuts and bolts of Cryptography and Everyday Cybersecurity You will also receive 6 CPEs for attending the summit. Hope to see you there!

  • Information Security

    Time to patch again

    I did my first ever CTF this past weekend and had a lot of fun, met great people and learned a ton. Another post on that later. If you are running Windows and especially Exchange, then make sure to read the below article and patch your systems as soon as possible as 5 new 0 day vulnerabilities are patched with this week’s patch Tuesday from Microsoft. You can find one of the articles here which has more information and some information on patches that have been released from the likes of Cisco and Adobe. Remember to keep your software up to date.