SANS Whitepaper: https://www.sans.org/reading-room/whitepapers/detection/paper/39055 SANS Webinar: https://register.gotowebinar.com/register/603121010349954316 SANS ISC Stormcast Episode: https://isc.sans.edu/podcastdetail.html?id=6574 SEC 505: https://www.sans.org/course/securing-windows-with-powershell Orai: https://www.orai.com/ Python Crash Course (2nd edition): https://nostarch.com/pythoncrashcourse2e Show notes: https://seangoodwin.blog/sts002 Twitter: https://twitter.com/0xSeanG iTunes: https://podcasts.apple.com/us/podcast/stumbling-through-security/id1460066606
AmherstSec was kind enough to have me speak at the July 10, 2019 meetup. The topic was introductory in nature, but I wanted a place to list out additional resources for any folks looking to learn a bit more.
I finished my first research project as part of the SANS Technology Institute MS Information Security Engineering program.
My review of The Hacker Playbook 3: Practical Guide to Penetration Testing (Red Team Edition).
I was lucky enough to get the reminder to K.I.S.S. on a recent engagement. While the latest TTPs can be very useful, it is important to keep "the basics" in mind. ARP Poisoning Guide: https://www.tutorialspoint.com/ethical_hacking/ethical_hacking_arp_poisoning.htm Ettercap: https://www.ettercap-project.org/ Bettercap: https://www.bettercap.org/ PCredz: https://github.com/lgandx/PCredz SMB Encryption: https://docs.microsoft.com/en-us/windows-server/storage/file-server/smb-security Detection of Arp Spoofing: https://www.comparitech.com/blog/vpn-privacy/arp-poisoning-spoofing-detect-prevent/ Show notes: https://seangoodwin.blog/sts001 Twitter: https://twitter.com/0xSeanG iTunes: … Continue reading Episode 001: Keep It Simple [Sean]