Review of Udemy course – Learning Computer Forensics With Infinite Skills

Overview

Forensics is a topic which seems to be referenced in a lot of hacking challenges and real world cyber security problems but for some reason doesn’t get much exposure in the entry level security courses. They tend to focus more on the attacking/red team topics.

I bought this course hoping it would show me some cool new ways of tracking the actions of others on IT networks and piecing together a history of what had happened even if an attacker had attempted to hide their tracks.

Pros

  • Well presented course with good audio and visuals.
  • Wide range of topics from Windows, Linux, Mobile, Legal and image acquisition.
  • Good demonstrations of the topics being discussed.
  • Only 11 hours long so can be watched without too much of a time commitment.
  • Introduces a wide variety of free tools you can test.

Cons

  • The material is very basic compared to what I was expecting.
  • If you have even spent 5-10 minutes looking at logs for any of these systems you are unlikely to learn anything new in the modules.
  • Very few “tips and tricks”. I was expecting lots of new techniques that I could make notes of for the next CTF challenges I did but most of the course content is straightforward log browsing.

Verdict

Overall it’s not a bad course but I wouldn’t recommend it unless you are very new to most of the topics. For example, if you do not work in IT and have only ever used Windows then the knowledge about topics like Linux or BSD or network logs will likely be new to you and these videos are a great introduction.

If you have been taking part in security challenges or have many years in IT then the few snippets of info you’ll gain from this course are unlikely to be worth the time and cost.

Sans Holiday hack challenge 2019 - Kringlecon2

Kringlecon 2019 – SANS Holiday hack challenge

What better way to get into the festive mood than by taking part in an awesome online security conference – KringleCon 2019 from the SANS institute. For anyone new it’s a free online conference which includes YouTube hosted presentations from security professionals on a variety of topics as well as a CTF game where you help Santa figure out who has stolen two turtle doves from elf university!


How to Join?

It’s a free conference, to join in the fun simply visit HolidayHackChallenge 2019 and click on Kringlecon2 at the top then register an account. If you just want to listen to the talks you can see them all on their YouTube channel : YouTube – Kringlecon2


 

CTF Challenges

The aim is to solve all the Objectives to help find where the missing turtle doves are. They are ranked in difficulty from 1 xmas tree to 4 xmas trees. If you are having trouble with an objective there are helpful elves throughout elf university who will give you a mini-puzzle to solve; these are easier than the objective and if you help an elf with his mini-puzzle they will give you a clue for the main objective.

A lot of the presentations given at Kringlecon also offer hints for the challenges by suggesting specific tools and techniques which may come in useful for the objectives, which works as an extra incentive to pay attention to them all.

If that fails and you are still stuck there is a chat room in the CTF game world full of people who are happy to give hints.


Presentations

There is a treasure trove of talks at Kringlecon by some of the best security minded folk in their respective industries. Even if you don’t use the talks to help with the CTF objectives you will learn plenty just by listening to them all.

There will be more talks released as the event goes on but currently here they all are with a few brief notes about the topics discussed:

John Strand, keynote : A hunting we must go

  • The benefits of creating hunt teams whose only task is to identify malware beacons.
  • RITA – Real Intelligence Threat Analytics, a tool for identifying malware beacons in traffic.
  • Honeybadger – A tool to geo-locate an attacker who has exfiltrated your company’s files, works using Google’s gigantic wi-fi database instead of IP which can be spoofed.

Katie Knowles – How to (Holiday) hack it: tips for crushing CTFs & Pwning Pentests

  • Ways to look at a CTF problem once you get stuck, (has a cool screenshot at 6:07 of a problem spiral.)
  • Based on thinking about what new information you have come across since starting the puzzle and new ways of looking at the situation.

Snow – Santa’s naughty list: Holiday themed social engineering attacks

  • A look at social and physical attacks which are more likely to succeed during the Xmas holiday season.
  • Using the website Glassdoor to see what aspects of a company the staff are emotional about.
  • Statistics about e-mail response when using surname, firstname or both.
  • Some proactive tips for how to defend against these attacks.

James Brodsky – Dashing through the logs

  • An intro to searching through events in Splunk
  • An intro to Stoq (E-mail traffic analysis tool)
  • A massive hint that this may be useful for some of the Holiday hack challenge objectives

Ron Bowes – Reversing Crypto the easy way

  • How to hack crypto which has used bad key implementation.
  • Ways to identify which crypto is being used based on its output.
  • Great demonstration at the end which makes use of the techniques in the video.
  • One of the most technical presentations released so far.

Chris Elgee – web apps : a Trailhead

  • An introduction to analysing traffic between you and webapps
  • How to alter some values for items processed locally
  • Good starting point for someone completely new to security who hasn’t ever seen the source code of a webpage

Chris Davis – Machine learning use cases for cybersecurity

  • Discussion about how machine learning can be used in cybersecurity
  • How Machine learning can help with specific tasks for blue and red teams
  • A demonstration of setting up a machine learning program to spot the difference between apples and bananas
  • I’ve seen plenty of mentions that one of the holiday hack challenges can be solved using Machine learning so this one may be worth re-watching.

Deviant Ollam – Optical Decoding of Keys

  • A very scary presentation showing how to duplicate a physical key based on only a photograph of the key.
  • Step by step demonstration for how anyone can do it with the right tools

Dave Kennedy – Telling stories from the North Pole

  • How to prevent SOC staff from spotting your attacks.
  • SOC picks up thousands of potential attacks, how to make yours blend in with the other false positives.
  • Techniques such as altering the name of your variables/files so that if they are Googled the analyst should come across legit pages for their use.

Mark Baggett – Logs? where we’re going we don’t need logs

  • Guide to the built in logging features of Windows 10.
  • SRUM-DUMP – A tool for looking at the System Resource Utilisation Management Database.
  • ESE2CSV – Command line version of SRUM-DUMP.
  • What to do as a forensics investigator when the client has few or no logs.

Heather Mahalik – When Malware goes mobile, quick detection is critical

  • Talk about malware on mobile devices
  • Growing field so likely to be seeing more of this in the near future
  • Less protected than in-office devices
  • UFED physical analyser – forensics tool for digging into malware on mobile devices

John Hammond – 5 steps to build and lead a team of holly jolly hackers

  • Hints and tips for building a successful team of penetration testers and security researchers
  • Advice such as using practical lessons for most of the training, taking part in CTFs, gamifying learning as much as possible.
  • Keep track of what staff have learned and share with other team members

Lesley Carhart – over 90,000: Ups and Downs of my infosec twitter journey

  • Advice on the use of social media for members of the cyber security community
  • Most of the advice applies to any user of cyber security who has a following consisting of more than just friends and family
  • Lesley has over 100,000 twitter followers so her talk is backed by lots of experience

Soundtrack

Last year the soundtrack from the CTF was so popular that this year’s has been made available for download here:

Tunes to hack to!!!

 

 

git cat-file -p Fatal error : Not a valid object name

If you are trying to view the contents of git objects by accessing the name directly in its folder using: git cat-file -p
you’ll likely get the error “Fatal : not a valid object name”
which is annoying as you can see the file name appears exactly as shown

The reason for the error is that a Git object name is built from the path to the file, not just the file name you see inside the folder.
To fix the issue, reference the full name starting at the root objects folder, i.e. the two-character folder name followed by the file name, so that Git is able to find it.
In this example I would need to include the “1c” in the file name.
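
Why the folder name is part of the object name, shown as an added example (not from the original post): it stores a blob the way Git stores a loose object, then reads it back by the name rebuilt from the path. It assumes a SHA-1 repository and loose (unpacked) objects; the function names and the temporary folder standing in for `.git` are constructed for illustration.

```python
import hashlib, os, tempfile, zlib

def write_loose_object(git_dir, content, kind=b"blob"):
    """Store content the way Git stores a loose object; return its 40-hex name."""
    store = kind + b" " + str(len(content)).encode() + b"\x00" + content
    name = hashlib.sha1(store).hexdigest()
    folder = os.path.join(git_dir, "objects", name[:2])   # first 2 hex chars
    os.makedirs(folder, exist_ok=True)
    with open(os.path.join(folder, name[2:]), "wb") as fh:  # remaining 38
        fh.write(zlib.compress(store))
    return name

def object_name_from_path(path):
    """Rebuild the object name: 2-char folder name + 38-char file name."""
    folder, filename = os.path.split(os.path.normpath(path))
    return os.path.basename(folder) + filename

def cat_file(git_dir, name):
    """Simplified stand-in for `git cat-file -p` on a loose blob.
    Unlike real Git it takes only full 40-char names, no abbreviations."""
    if len(name) != 40 or any(c not in "0123456789abcdef" for c in name):
        raise ValueError("Not a valid object name " + name)
    path = os.path.join(git_dir, "objects", name[:2], name[2:])
    with open(path, "rb") as fh:
        store = zlib.decompress(fh.read())
    if hashlib.sha1(store).hexdigest() != name:
        raise ValueError("object is corrupt: hash does not match name")
    header, _, body = store.partition(b"\x00")
    return header.decode(), body

def demo():
    git_dir = tempfile.mkdtemp()  # constructed stand-in for a .git folder
    name = write_loose_object(git_dir, b"hello forensics\n")
    path = os.path.join(git_dir, "objects", name[:2], name[2:])
    file_only = os.path.basename(path)  # what you see inside the folder
    try:
        cat_file(git_dir, file_only)
        short_ok = True
    except ValueError:
        short_ok = False                # file name alone is rejected
    full = object_name_from_path(path)  # folder + file name works
    return short_ok, full == name, cat_file(git_dir, full)

if __name__ == "__main__":
    print(demo())
```

The hash check in `cat_file` is also a quick integrity test when you recover loose objects from an exposed or damaged `.git` folder.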


Hints and Tips for PythonChallenge level 11

This is a page of hints for the Pythonchallenge.com level 11 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Plato’s allegory of the cave tells us that we don’t always see the correct picture.

Expand for hint 2

Are you able to extract odd/even parts of the image?

Expand for hint 3

The PIL library is useful for image manipulation.

Expand for hint 4

Try using the % operator to find remainders of numbers.

Expand for hint 5

Look hard at the 2 images you have at the end, the answer is there but very faint, you may miss it on a dark monitor.

Hints and Tips for PythonChallenge level 10

This is a page of hints for the Pythonchallenge.com level 10 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

The first challenge is figuring out what the next entries in the sequence are.

Expand for hint 2

Say the numbers out loud.

Expand for hint 3

Look and Say.

Expand for hint 4

Try the “groupby” function from the itertools library to help group numbers together.

Expand for hint 5

The answer is the length, not the actual number

Hints and Tips for PythonChallenge level 9

This is a page of hints for the Pythonchallenge.com level 9 challenge

It does not contain the answer so you can use as many hints as you want but still have to put everything together yourself to complete it

Note: A lot of these challenges have multiple different ways of solving them, the hints here might not match to what you have found already.

Expand for hint 1

Have you found the numbers in the source code for the page?

Expand for hint 2

Do the numbers have any sort of rough patterns?

Expand for hint 3

If the numbers come in pairs can you split them up using Python?

Expand for hint 4

Have a look into matplotlib.pyplot

Expand for hint 5

The two images go on top of each other, then start guessing related words.

Review of Udemy course – Python for Ethical Hacking: Develop Pentesting tools by hackersploit academy

Overview

If you are starting out with either learning Python or cyber security there is a fantastic course on Udemy you should put serious consideration into buying. The Python for Ethical hacking course takes you step by step through coding your own tools for carrying out various security related tasks such as scanning for open ports and active IP addresses, transferring files between machines and even setting up a botnet which includes coding both the client and server side code.

Pros

  • The course covers a lot of different tools so if you are into security there is very likely going to be something relevant to you.
  • The instructor speaks very clearly and explains everything as he goes along.
  • Both Python 2 and 3 are used with discussion of some of the differences.
  • Each tool is coded live which also involves the debugging phase at the end, seeing a skilled coder going through the debugging process is invaluable knowledge which often gets skipped in other courses.
  • While the course is aimed at people with a little bit of experience in Python and coding I feel that anyone with general tech savviness should be able to jump in and follow.
  • The majority of the tools are left open to allow you to add features in the future if it’s something you start using for real world work.

Cons

  • The only con I could think of was that most of the tools weren’t demonstrated in a real world scenario. Watching some of these tools in action might have helped learners remember what they do on a deeper level.

Verdict

This is one of the best courses I have done so far. The experience I’ve gained from watching someone coding these tools and following along in real time far outweighs the learning I’ve gained from other basic Python courses which teach things on a more conceptual level.

Some of the tools you create on this course are almost clones of popular tools from Kali Linux which allows you to carry on learning different penetration testing techniques but with a bigger sense of achievement at the end as you know you coded some of the tools yourself by hand.

I’m so impressed by this course that whatever the instructor releases next will likely go onto my wishlist to learn, regardless of the topic.