Interview I did with Covert Access Team

 This is an interview I did with cover access team covering things for example: 

• Talks about blockchain attacks
• Chatting about running and managing a consultancy
• Mentoring employees and learning
• Physical security and exploitation. 

 

Filling in the Gaps of your foundational Knowlege

 Hacking is basically just abuse of foundational knowledge.
Seriously, its about foundational knowledge. So learn it!!

So the new kids don't come from CS and EE backgrounds as often anymore.

With just surface level attack knowledge you might be able to hack at an intermediate level and than one day you will hit a wall and that will be your hacking knowledge failing to propel you further, due to lack of foundational knowledge letting you see the unseen. We need to fix this.

The kids never listen but I always scream it from the mountain tops. and then I hear cries that they didn't go to school so poor them its not their fault right? Wrong, it is your fault because information is free cheap and in abundance, but at least your interested so cheers to that, lets move forward.

There is an easy fix to this dilemma

You don't need a CS or EE degree because you will self teach one in 1/4 the time frame without curriculum bloat. (universities are inefficient) Instead we learn relevant foundational skills to your career, interests, objectives so you can progress quicker. You need to learn math? No problem khan academy.. You need to learn about network protocols or programming no problem there are full YouTube playlists / books / labs for this that are better then university classes by far

The Fix:
Choose a foundational item of interest and roll with it daily, this can even be as little as just 20 minutes a day with your morning coffee. Sadly that's more efficient then a university class lol

Base your choice 75% off your interest and 25% off what you actually might use it for.. Lets give a few examples

1. Programming - You can use programming in literally every single part of infosec. Pick a general purpose language like "Python" to learn and code useful things.. Or a specific language if you have a specific interest for example, "solidity" if in blockchain, or "C/C++" if doing exploit dev / Reversing

2. Assembly / Computer Architecture - Choose this if you have any need / want to dive into reverse engineering, exploitation or even old school game dev

3. Hardware / Electronics stuff - Choose this if you want to work on fun projects and see how those 0's and 1's function while using your general purpose code do neat things as a way to progress into more IOT / Hardware hacking etc. This could be as simple as buying some arduino kits / books and learning about circuits and creating them and building devices etc

4. Protocols Protocols Protocols... Learn all about network protocols and how they function and how to interact with them and send raw sockets and assemble various protocols from standard network protocols to Bluetooth zigbee, blockchain, sub-ghz etc Scapy anyone?

5. You can choose any other foundational thing you feel that is holding you back maybe Linux cmdline?

Choose 1 thing and spend 6 - 18 months daily learning a bit and playing with it each day, building things with it and coding things related to it etc

Learning Binary Ninja for Reverse Engineering - Integrating AI workflows to Reverse Engineer Keygens

In this video we run through creating Keygens from binaries to bypass software restrictions using AI prompts where relevant to help us code our own keygens and understand algorithms. 

Example Binaries: CTF Binaries Used: https://github.com/cclabsInc/Binja

 

Twitter: https://twitter.com/ficti0n

Looking for a penetration test? 

• http://consolecowboys.com
• http://cclabs.io 

 

 

 

Real World Social Engineering Part 2: Integrating SE With Stealth Badge Readers Tips and Tricks

 Below is a video on using stealth readers with social engineering to gain access to physical targets on your penetration tests..   This is all based off real world engagements and actual use.. Not theory.. 

Cheers and keep hacking...  

Twitter:   https://x.com/ficti0n

Need A Penetration Test or a Covert Access Engagement / Physical Audit? 

CC Labs:  https://cclabs.io / https://consolecowboys.com

Learning Binary Ninja For Reverse Engineering and Scripting

 Recently added a new playlist with about 1.5 hours of Binary Ninja Content so far..   

Video 1: I put this out a couple months ago covering use cases and reversing flows as well as some basic scripting.. 

Videos 2+3 in the playlist start getting specifically into scripting for reversing automation.. Enjoy.. 

@Ficti0n on twitter..   

Video 1 UI Workflows and Scripting:

Video 2: Scripting Part1 

Video 3: Scripting Part 2