Hacking is basically just abuse of foundational knowledge.
Seriously, its about foundational knowledge. So learn it!!
So the new kids don't come from CS and EE backgrounds as often anymore.
With
just surface level attack knowledge you might be able to hack at an
intermediate level and than one day you will hit a wall and that will be
your hacking knowledge failing to propel you further, due to lack of
foundational knowledge letting you see the unseen. We need to fix this.
The
kids never listen but I always scream it from the mountain tops. and
then I hear cries that they didn't go to school so poor them its not
their fault right? Wrong, it is your fault because information is free
cheap and in abundance, but at least your interested so cheers to that,
lets move forward.
There is an easy fix to this dilemma
You
don't need a CS or EE degree because you will self teach one in 1/4 the
time frame without curriculum bloat. (universities are inefficient)
Instead we learn relevant foundational skills to your career, interests,
objectives so you can progress quicker. You need to learn math? No
problem khan academy.. You need to learn about network protocols or
programming no problem there are full YouTube playlists / books / labs
for this that are better then university classes by far
The Fix:
Choose
a foundational item of interest and roll with it daily, this can even
be as little as just 20 minutes a day with your morning coffee. Sadly
that's more efficient then a university class lol
Base your choice 75% off your interest and 25% off what you actually might use it for.. Lets give a few examples
1.
Programming - You can use programming in literally every single part of
infosec. Pick a general purpose language like "Python" to learn and
code useful things.. Or a specific language if you have a specific
interest for example, "solidity" if in blockchain, or "C/C++" if doing
exploit dev / Reversing
2. Assembly /
Computer Architecture - Choose this if you have any need / want to dive
into reverse engineering, exploitation or even old school game dev
3.
Hardware / Electronics stuff - Choose this if you want to work on fun
projects and see how those 0's and 1's function while using your general
purpose code do neat things as a way to progress into more IOT /
Hardware hacking etc. This could be as simple as buying some arduino
kits / books and learning about circuits and creating them and building
devices etc
4.
Protocols Protocols Protocols... Learn all about network protocols and
how they function and how to interact with them and send raw sockets
and assemble various protocols from standard network protocols to
Bluetooth zigbee, blockchain, sub-ghz etc Scapy anyone?
5. You can choose any other foundational thing you feel that is holding you back maybe Linux cmdline?
Choose
1 thing and spend 6 - 18 months daily learning a bit and playing with
it each day, building things with it and coding things related to it etc
Monday, November 4, 2024
Filling in the Gaps of your foundational Knowlege
Friday, October 11, 2024
Learning Binary Ninja for Reverse Engineering - Integrating AI workflows to Reverse Engineer Keygens
In this video we run through creating Keygens from binaries to bypass
software restrictions using AI prompts where relevant to help us code
our own keygens and understand algorithms.
Example Binaries: CTF Binaries Used: https://github.com/cclabsInc/Binja
Twitter: https://twitter.com/ficti0n
Looking for a penetration test?
Sunday, September 8, 2024
Real World Social Engineering Part 2: Integrating SE With Stealth Badge Readers Tips and Tricks
Below is a video on using stealth readers with social engineering to gain access to physical targets on your penetration tests.. This is all based off real world engagements and actual use.. Not theory..
Cheers and keep hacking...
Twitter: https://x.com/ficti0n
Need A Penetration Test or a Covert Access Engagement / Physical Audit?
CC Labs: https://cclabs.io / https://consolecowboys.com
Monday, January 22, 2024
Learning Binary Ninja For Reverse Engineering and Scripting
Recently added a new playlist with about 1.5 hours of Binary Ninja Content so far..
Video 1: I put this out a couple months ago covering use cases and reversing flows as well as some basic scripting..
Videos 2+3 in the playlist start getting specifically into scripting for reversing automation.. Enjoy..
@Ficti0n on twitter..
Video 1 UI Workflows and Scripting:
Video 2: Scripting Part1
Video 3: Scripting Part 2
Wednesday, December 27, 2023
Real World Social Engineering - Turning life into a Penetration Test or one Hell of an Adventure
Monday, March 27, 2023
New Consulting Series Financial Statement Workshop
I added a new video to the consulting series playlist today... This is for creating and managing your personal financial statements, your budgeting of income/expenses from various sources and how to allocate those automatically to investments to build and track over time....
If you learn something.. Like and leave a comment... Cheers...
Tuesday, March 21, 2023
Web3 Smart Contract and Blockchain Hacking with Python Free Course Section 1
Below is the full playlist and the outline for Section 1 the Web3 Hacking in Python course.. This is the most in-depth python based web3 material I have seen anywhere online.
Section 1 is the foundational section of the course using python for web3 that covers the following topics and also assumes that you have already taken my smart contract hacking course from 2020.
Smart Contract and Blockchain Web3 Hacking in Python:
Section 1:
Smart Contract Interactions:
1. Simple Smart Contract Interactions
2. ERC20 Token Interactions
3. Wallet Interactions
4. Manual ByteCode Reversing
5. ByteCode Function BruteForce Automation
6. Automated Reversing and Disassembly
7. Transaction Signing
8. In Depth Manual Smart Contract Interactions
9. Asynchronous programming to monitor Contract Events
Homework Assignments
1. Uniswap Pair nested Contract Interactions
2. Attacking Smart Contract Pathways Manually with python
3. Analyze Bytecode and Determine what it Interactions
Network Interactions:
1. Blocks and transaction Filtering and Monitoring
2. Pending Transaction Subscriptions And Network Monitoring
3. Monitoring Smart Contract Mempool Transactions (Uniswap Routers)
Playlist:
https://www.youtube.com/watch?v=UBK2BoFv6Lo&list=PLCwnLq3tOElrubfUWHa1qKrJv1apO8Aag&index=1
Filling in the Gaps of your foundational Knowlege
Hacking is basically just abuse of foundational knowledge. Seriously, its about foundational knowledge. So learn it!! So the new kids don...
-
"Swan song" is a metaphorical phrase for a final gesture, effort, or performance given just before death or retirement. This post ...
-
Firstly this post requires the following song to be playing. http://www.youtube.com/watch?v=wVfjwIyc-CU Now that we got that out of...
-
Recently added a new playlist with about 1.5 hours of Binary Ninja Content so far.. Video 1: I put this out a couple months ago covering...