Understanding the Digital World, and Staying Safe on Cyberspace!
While the ChatGPT hype might not be so fervent anymore, many of us have internalised ChatGPT’s capabilities into our everyday life. I tried to provide it ten different types of tasks, and have provided some commentary on how we “might” get ChatGPT to work better for us. (In this post we play with the free…
Several friends in different social circles had talked up the Quantic MBA since it was free. But I was a cybersecurity professional. Why did I need to read a MBA now? I decided to do it anyway, and I am glad to report I have survived. Why I Did It Perhaps the answer can be…
*FUD also stands for “Fully UnDetectable”, which describes malware that evades the bulk of commercially used antivirus products. PEN-300 naturally continues where PEN-200 leaves off, for more advanced techniques. After all, OSCP skills alone will not beat modern mitigations; we must try harder. What Do I Really Need Before PEN-300? There has been a trend…
I have decided to share a post written by Naomi, a CISO, on her views on whether a cybersecurity career requires IT fundamentals. She summarises her position as follows: You don’t NEED to know networking, computer hardware, operating systems, databases, or anything deeply technical to start in cybersecurity. All you need is a high level…
A few weeks after I signed up for Cracking the Perimeter (CTP), CTP was retired. Some infosec friends thought I got the short end of the stick, because the course content had not changed in a long while. That is half-true; newer exploit development techniques are now in the while, and CTP only covers the…
Yesterday, I left my first job. Four years in an organisation is neither a long nor short time, but it was the organisation that made me who I currently am today. My journey into cybersecurity was different from most. I was not a 16-year-old whiz kid who conquered the OSCP. Neither was I a Computer…
I think the Pentester Academy site has covered the syllabus of the Certified Red Team Professional (CRTP) which is somewhat of a misnomer because today’s definition of red-teaming goes far beyond what this course covers: Active Directory penetration testing and defence techniques. Note that the attack methodology and tips given by the instructor, Nikhil Mittal,…
Students who are familiar with the PWK/OSCP understand that the field of penetration testing is broad, and at times, overwhelming because there is a lot to learn. Does the AWAE/OSWE come across as significantly less broad? Well, not exactly, because web applications are extremely diverse. Let us take the white box/black box approach to examine…
(Warning: A slightly long read. I have wanted to write about doctrine for the longest of times, but I decided to weave in some of my personal musings about other areas of cybersecurity as well, that are related to doctrine. The result is a long story.) Introduction: The Thought on Business A number of friends…
(This isn’t a cybersecurity blog post. This is just some thoughts of a patriotic citizen on National Day.) I remembered ever writing my thoughts when the late LKY passed away in 2015 in a post as part of being a socio-political writer. Those were times when, as a student, one could flirt with many different…