Wall Street Journal explores how the U.S. government is using app-generated marketing data based on the movements of millions of cellphones around the country for some forms of law enforcement.
The Cyber Mentor explores the how and why you should build an Active Directory Lab in this cyber-security filled tutorial video.
freeCodeCamp.org has posted a full 14 hour network penetration testing/ethical hacking in this full tutorial course for beginners.
This course teaches everything you need to know to get started with ethical hacking and penetration testing. You will learn the practical skills necessary to work in the field.
Throughout the course, you will develop your own Active Directory lab in Windows, make it vulnerable, hack it, and patch it. We’ll cover the red and blue sides. We’ll also cover some of the boring stuff like report writing :).
This course was originally live streamed weekly on Twitch and built from lessons learned in the previous week.
GitHub repo (for homework):
Course created by The Cyber Mentor.
Check out his YouTube channel:
- (0:00) – Course Introduction/whoami
- (6:12) – Part 1: Introduction, Notekeeping, and Introductory Linux
- (1:43:45) – Part 2: Python 101
- (3:10:05) – Part 3: Python 102 (Building a Terrible Port Scanner)
- (4:23:14) – Part 4: Passive OSINT
- (5:41:41) – Part 5: Scanning Tools & Tactics
- (6:56:42) – Part 6: Enumeration
- (8:31:22) – Part 7: Exploitation, Shells, and Some Credential Stuffing
- (9:57:15) – Part 8: Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
- (11:13:20) – Part 9: NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
- (12:40:46) – Part 10: MS17-010, GPP/cPasswords, and Kerberoasting
- (13:32:33) – Part 11: File Transfers, Pivoting, Report Writing, and Career Advice
Siraj Raval just posted this video on defending AI against adversarial attacks
Machine Learning technology isn’t perfect, it’s vulnerable to many different types of attacks! In this episode, I’ll explain 2 common types of attacks and 2 common types of defenses using various code demos from across the Web. There’s some really dope mathematics involved with adversarial attacks, and it was a lot of fun reading about the ‘cat and mouse’ game between new attack techniques, followed by new defense techniques. I encourage anyone new to the field who finds this stuff interesting to learn more about it. I definitely plan to. Let’s look into some math, code, and examples. Enjoy!
Slideshow for this video:
In this video, Siraj Raval demonstrates how to build a CyberSecurity startup around a demo app called DharmaSecurity, a fraud detection tool for businesses.
The way it works is that once signed up, a business will paste a code snippet into their website, and then they’ll get access to a dashboard that tells them how many fraudulent accounts they have.
In case you were wondering when the worlds of CyberSecurity and AI would collide and create new threats, it’s happening.
AI fuzzing definition AI fuzzing uses machine learning and similar techniques to find vulnerabilities in an application or system. Fuzzing has been around for a while, but it’s been too hard to do and hasn’t gained much traction with enterprises. Adding AI promises to make the tools easier to […]
As we rush headlong into an internet connected world, have we really thought through all of the risks? The next episode of Data Driven will take a deeper look at the global security risks our connected world exposes us to.
Here’s a sobering video from Motherboard on why we need to think very carefully about what kind of future we want.
In case you thought you bank heists involved physical interaction, then check out this story of international intrigue, social engineering, and a broken printer.