global timeline

local β€’ global
πŸ“’ Server Message:

Welcome to Stegodon.zip!

πŸ” @webhat@infosec.exchange boosted

23 hours ago

@cR0w ssh-list - reads my .ssh/config file:

πŸ” @webhat@infosec.exchange boosted

23 hours ago

Okay so, I know that some of my co-workers may be watching this, but...I'm passively putting out feelers for new work. I've not been fired, and perhaps I should be thankful for that, given the job market and all, but I'm going to try anyway. I'm also going to be upfront that I'm looking for more pay and career advancement, because I have goals I want to achieve. I'm looking for senior/principal level cybersecurity roles, but also, I could be convinced to do team lead/managerial roles in order to pass knowledge on to the next generation, as I love teaching, and passing knowledge on to others. I have 15 years of experience in security in general, with another 6 odd years of systems administration on top of that in my early career.Whatever I would hypothetically do for, or with you would have to be remote. Michigan is my home and I refuse to leave it. I also have senior dogs that need a close eye.What I do extremely well: Network Security Monitoring - I'm extremely well-versed in Snort and Suricata, and have a great understanding of Zeek IDS and IPS platforms and everything that comes with them. Deployment, Administration, Detection Engineering, Investigation, etc. If you give me pcaps, I can rip them apart in moments to find the relevant data. You give me IDS alerts and I can do the necessary correlation with other security tools and logs to figure out what happened, and build a timeline.Security Operations/Blue Team ops - If you have logs, I have ways of making those logs talk. I'm most well-versed in Splunk -- that is to say that stats is a hammer by which every threat hunting session gets nailed, but I can adapt to whatever you use for gathering your logs. I've handled incident investigations and have assisted clients on what needs to be done next on every stage of the DFIR lifecycleThreat/Vulnerability Research - This goes hand in hand with detection engineering talent. Distilling the data from security research articles, proof of concept exploit write-ups, malware sandbox reports, online threat intelligence platforms, and everything else in between. I have demonstrated ability to determine the relevance of the threats, and extract the actionable indicators for detection engineering.Avid writer and speaker - I've presented at plenty of security conferences, podcasts, streaming platforms, etc. I've authored my own video training, and self-published multiple books that have been well-received by the community. I've run my own blog for years, but also have had my work featured on more professional company blogs throughout my career.Virtualization and Homelabbing - A lot of what I do requires having a place to reproduce exploits, exploit conditions, and test out security tools. I've written two books on virtualization and home labbing. I'm also somewhat well-versed on setting up a sandbox on both VMs and physical hardware to get around anti-VM nonsense some malware authors do.Documentation - I hate figuring out how to do something, then having to do it again later only to have completely forgotten how to do it. I hate finding half-assed documentation for a product that doesn't cover major use cases, or doesn't have good documentation for important edge cases. So when I figure things out, its getting written somewhere for future reference. With lots of screen caps for further guidance.Data pivoting - Given a number of IOCs of any kind, I'm well versed in turning that into more actionable data for more detection engineering.What I do pretty decently:Host-Based Detection and Analysis - I'm somewhat well-versed on how to make use of yara rules as they're kinda required to do any valuable hunting in Virustotal. If you have Linux audit logs, windows process execution logs/sysmon, other AV/EDR logs, sandbox reports detailing parent/child process relation ships and what command are being run or where files are being dropped, I can figure things out well enough.Honeypotting/Honeytokens - I'm pretty good at watching the bad guys do silly things with boxes they think they've owned.What I'm just okay at:Programming - Given enough monkeys and enough typewriters, I can write some automation tools in Python. I've contributed to two open-source projects in a very minor capacity. I've written a tool that helps automate some aspects of Suricata rule writing for me. The good news is that if I don't know what I'm doing, I'm not afraid to ask for help after trying to find the answer myself, then documenting it.Cloud/Devops stuff - I know enough about cloud computing to understand what functionality maps to whatever stupid cloud application name your cloud provider of choice chose to give that function. I can grok the purpose, I can probably figure out cloudtrail logs for security anomalies and other weird issues, but I have never administered cloud infrastructure myself, personally. I'm also versed enough to figure out how to use whatever containerization solution du jour is popular this week, but the minute I have to figure out why they aren't working, or what has gone wrong, I will scream in frustration because of how terrible the instrumentation, logging, documentation and other troubleshooting apparatus are. Buzzwords - Zero trust is, and always will be Identity and Access ManagementSBOM will always just be software prerequisites.Web3 will always be scams, with more stepsAI will always be markov bots but with stolen data baked inWhat I refuse to do:AI - I refuse to be told that I must use AI to do my job. That I must have some form of AI usage as a trackable metric for performing my duties. I active avoid using it in any aspect of my life because I refuse to offload my critical thinking to a chatbot. I refuse to work for companies that make AI their identity. I refuse to work for AI companies at all.Web3/Cryptocurrencies - Web3 and cryptocurrencies are a net negative to every single thing they touch, and I refuse to be affiliated with any of it.Anything involving clearances or Defense Industrial Base contracting - Been there, done that. The mission doesn't put food on the table when you're furloughed for weeks and months on end because congress can't act like adults and solve their problems. I also do not want to touch anything involving the current administration with even a barge pole.Contract roles in general - Sorry, I need permanent employment, and I need healthcare of some sort.last time I checked about tennish years ago, I was told that I have been blacklisted from Cisco, so I cannot work for Cisco or any of its holdings. If you don't know the story, I 'm more than willing to tell you publicly or privately.Other notes:I don't have specific experience with specific security appliances like Cisco, Palo Alto, Juniper, etc. But again, I'm far enough along into my career to where if I was required to learn how to use specific security products, I can read the docs, do the training, or observe how others do it to figure it out for myself.Education level is bachelors degree with a number of outdated certificationsIf any of this tickles your fancy, DM me, or e-mail at deusexmachina667 at gmail dot com#Getfedihired #Infosecjobhunting

πŸ” @webhat@infosec.exchange boosted

23 hours ago

@webhat @GroupNebula563 @konstruct @CornAnon I'd love to hear from someone who does consider themself a #therian. #otherkin

πŸ” @andypiper@macaw.social boosted

23 hours ago

I got somewhat carried away over the past couple of nights; so my TUI #emfcamp app now supports fediverse RSS feeds, personal favourites json URLs and because somebody made a JSON MQTT feed of the Hackers script, it displays that nicely too. 😁

πŸ” @webhat@infosec.exchange boosted

23 hours ago

@gbargoud @t3rcermillenium @ChrisMayLA6 Hah! That would, of course, give us Rightwing Authoritarian Single Issue Stochastic Terrorism.RASIST

πŸ” @webhat@infosec.exchange boosted

1 day ago

#memories Today this poster, that was in one of my classrooms, suddenly entered my memory.

πŸ” @webhat@infosec.exchange boosted

1 day ago

Local smugness levels at about 00%(00%) β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘#worldCup

πŸ” @webhat@infosec.exchange boosted

1 day ago

We lost abortion rights, for example, not just because Republicans attacked it nonstop but because Democrats DIDN'T DEFEND IT. The "big tent" "ideological diversity" of having anti-abortion Democrats was more important to them. Why? Because they're conservatives!

πŸ” @webhat@infosec.exchange boosted

1 day ago

It’s not even been 5 years since we all stopped living under COVID lockdowns when we relied on low-paid key workers to keep everything running. And yet there is zero political legacy that recognises their contribution. Absolutely none. It’s totally disgraceful.

πŸ” @webhat@infosec.exchange boosted

1 day ago

@webhat @konstruct Ooh, I knew I had once known what "therian" is. I think it basically covers what we normies call "furries": https://en.wikipedia.org/wiki/Therian_subculture

πŸ” @webhat@infosec.exchange boosted

1 day ago

"But they're usefull"Yea...but i still hate flies...I hate how they land on me,how horrid that feels.and if i swat em away, they land right back where i swatted em from....

πŸ” @webhat@infosec.exchange boosted

1 day ago

Er gelden op dit moment verschillende waarschuwingen en verboden voor watergebruik in Nederland vanwege de aanhoudende warmte en droogte. Deze maatregelen zijn lokaal van aard en kunnen per regio verschillen.Door aanhoudende droogte gelden er in bepaalde regio's (voornamelijk in het zuiden en oosten) tijdelijke onttrekkingsverboden of urenverboden.Dit betekent vaak dat je overdag (tussen 09:00 en 21:00 uur) geen water uit sloten of beken mag pompen voor het besproeien van tuinen of gewassen.

πŸ” @andypiper@macaw.social boosted

1 day ago

Ah, yes. Democracy in action. "Lindsey Graham's sister chosen as replacement after senator's death""There is a long tradition of family members replacing lawmakers when they die, to finish the term." -- almost like a Monarchy?https://www.bbc.co.uk/news/articles/c05y3rlvp20o