Cheat sheet based off the Udemy cysa+ course from Jason Dion – video 75 as i’m sure i’ll end up looking for it at some point in the future. REGEX: [] – Match a single instance of a chracter from a range such as a-z A-Z 0-9 or for all [a-zA-Z0-9] [\s] – Match whitespace [\d] – Match a digit + – Match one or more occurrences e.g. \d+- *- Match zero or more occurrences e.g. \d* ? – Match one or none occureences e.g. \d? {} – Match the number of times within the braces e.g. \d{3} finds 3 digits in a row or \d{7-10} matches 7,8,9 or 10 digits in a row | – OR ^ – Only search at the start of a line ..read more

Finishing off strong, today saw the last day of Hacker Halted 2020 talks Zoey Selman shared her expertise on OSINT with tips and tricks based on years of experience on how to better search for targets from other countries. There are a lot of different cultural and technical differences between every country on the planet and if you try searching for a foreign user the same way as you would a local user it’s likely to be a lot more fruitful if you know which social networks and search engines are popular in which country. Tyrone Wilson tackled the age old problem of “I cant get a job without ex ..read more

The penultimate day of Hacker Halted gave us some more serious discussions focusing on some of the darker activities bad actors can involve themselves with online and in real life. Chris Kubecka gave us details of her dealing with Boeing and how an attempt to highlight security concerns with software in planes was met with legal force instead of any sort of willingness to learn and prevent deaths. Very reminiscent of the scene in fight club where they discuss the formula used by car manufactures to decide whether they will either pay the fines or issue a recall of a vehicle for safety purposes ..read more

The third day of Hacker Halted saw talks on slightly more technical topics than the previous days. The opening speaker Chloe Messdaghi went through the benefits of gamefying training to help build a cyber security team in your organisation in order to create a team who can react quicker to new threats and actually prevent breaches instead of just running through compliance checklists. Ending the talk with some examples of how CTF style events have helped people land jobs was a nice touch to encourage people to take action after the slides had finished. A more Americanized talk followed from Ch ..read more

Another great day of talks (Mixed in with some haphazard organisation and time keeping by EC-Council). I’m genuinely impressed with the level of professionalism and effort all the speakers have put into their presentations. Starting off today was Alyssa Miller with a look at the current deep fake possibilities and a prediction that very soon it will be an issue handed over to cyber security professionals to protect organisations from being tricked by a deep fake of their company CEO. The brilliantly put together talk gives an overview of how generative adversarial networks create the deep fake ..read more

Hacker Halted day 1 is over and provided several very informative and entertaining speakers. The event itself by EC-Council had a few technical hiccups along the way but as this was probably put together at the last minute as an online conference instead of a face to face event and is free I think we need to be a little bit more lenient with the organisers and give them a bit of time to smooth everything out. Jenny Radcliffe started us off with a presentation about how social engineers have been taking advantage of Covid19 by scamming people with fake tests, fake cures and trying to cheat the ..read more

This years Hacker halted comes with a mini game in the form of codes which you can find by watching all the presentations and visiting sponsors. There seemed to be a lot of “technical” issues with these codes with lots of people not being able to see them even if they had watched the entire talk by a speaker. To help those people out I’ll use this page to collect a list of each of the codes against their name in the event game page DAY 1 The Witchball and the Tribe – WITCHBALLTRIBE A day in the life – DAYINTHELIFE When they hit your NAS – FORENSICATINGRANSOMWARE Communicating Cybersecurity – J ..read more

Due to Covid-19 the EC-Council have decided to make this years Hacker Halted conference an online affair and lowered the cost of basic entry to 0. The event is in it’s 14th year and looking through past events it looks to be a classic collection of guest speakers covering a wide array of cyber security topics. From the technical sides of offensive and defensive cyber security to the “softer” topics of hacking people and getting more people interested in careers in cyber. EC-Council make their money by selling training certs so this event is likely going to be heavily aimed at getting people in ..read more

Overview Forensics is a topic which seems to be referenced in a lot of hacking challenges and real world cyber security problems but for some reason doesn’t get much exposure in the entry level security courses. They tend to focus more on the attacking/red team topics. I bought this course hoping it would show me some cool new ways of tracking the actions of other on IT networks and piecing together a history of what had happened even if an attacker had attempted to hide their tracks. Pros Well presented course with good audio and visuals. Wide range of topics from Windows, Linux, Mobile, Leg ..read more

What better way to get into the festive mood then by taking part in an awesome online security conference – KringleCon 2019 from the SANS institute. For anyone new it’s a free online conference which includes youtube hosted presentations from security professionals on a variety of topics as well as a CTF game where you help Santa figure out who has stolen two turtle doves from elf university! How to Join? It’s a free conference, to join in the fun simply visit HolidayHackChallenge 2019 and click on Kringlecon2 at the top then register an account. If you just want to listen to the talks you ca ..read more