Today, I received an email from INE that I passed my eJPTv2 beta exam. It means that I obtained the eJPT certification again, but this time it is for version 2. I discussed my beta exam experience here. I suggest you read it and come back to this. There might be some information that you would want to know before reading the rest of this post. Preparation I received an email from INE on August 8th that they selected me to participate in the eJPTv2 beta program. I started going …
InfoSec
eJPTv2 Beta Exam
Today, I submitted my eJPTv2 beta exam for review. Per INE, it will take about two to three months to review everyone's exam submission. During this time, they will also decide if they want to tweak the exam based on the feedback. Related: Passed eJPTv2 Exam format For obvious reasons, I cannot disclose any of the questions I saw on the exam. I can, however, discuss whatever is public knowledge. Without further ado, here is some information about the exam: Course …
Attacking Cisco IOS device
Cisco IOS-related CVEs get announced consistently, but we will not be exploring any of those in this article. I will, however, demonstrate that attacking a Cisco IOS device is possible with SNMP misconfiguration. If interested, I covered another attack on a Cisco IOS device running HSRP here. I included this exercise on our Paradise Lost: Red Team versus Blue Team event during our CyberFest 2021. Unfortunately, only the blue team members touched this node. The red team focused on …
Kaos Corp: Cayenne
In the previous article, we found the ransomware key, and now we are on the hunt for the Windows AD domain controller to decrypt the research data, which also contains the flag. In this article, we will concentrate on the host named Cayenne. Discovery Since we already performed host discovery, we do not need to do it again. However, we need to figure out which ones are Windows-based hosts out of the three left. The quickest way to figure out if a host is running Windows is by pinging, …
Passed GCIH
I recently passed the GCIH (GIAC Certified Incident Handler) certification exam with a score of 99%. I did not expect such a high score because my practice tests scores were 89% and 92%. I did, however, aim to get at least 90% to be part of the GIAC Advisory Board. While it is an impressive score, I think getting a high score on any certification exam is all about your preparation. Folks familiar with GIAC exams know that it is an open book format. That includes your notes or any cheat …