WeakNet LINUX
Hello everybody! A couple days ago I announced on Twitter and Facebook the latest WeakNet LINUX update was released and I am already working on update 9. This update includes the following software for your VMs:
1. Seth, RDP tool (GitHUB)
2. KeepNote (Debian APM)
3. Dradis CE (GitHUB)
4. ACLPwn (GitHUB)
5. VEGA (WNL)
6. Johnny (GitHUB)
7. Nemesis
8. NMAP compiled / installed and Debian APM version removed
9. Cool Retro Terminal (GitHUB)
10. MassScan
11. Nikto2 (CIRT.net)
12. ByteForce (WeakNet Labs/GitHUB)
X. UI Updates
a. New Icons
b. Wallpapers
c. Desktop menu update
New Tutorials Mini Series
I want to first apologize up front for not having a good setup to record my voice and screen at the same time. I just can't justify the cost of the hardware and software at the moment, so please bear with the poor audio. I did order a new microphone, but the software I am using ONLY allows me to record 5 minutes at a time as a license restriction. If anyone has any suggestions for great screen capture software, I really could use some. I use an AverMedia LGP2 for gaming that I might try to apply to these tutorials in hopes that the quality is much better. It just seems like a pain the rear to get it up and running for such a simple task :)Anyways, these videos cover how to make a mini SIEM for web application and web service monitoring. If you enjoy them, please
Conferences
I just returned from some pretty awesome conferences, the Three Rivers Information Security Symposium, and Splunk> .conf18 in sunny Orlando Florida.Let's start with the Bad and the Ugly
At the incredibly disorganized and poorly planned Splunk> conference, I attended the Splunk> Fundamentals 2 course- which wasn't good. I don't recommend it if you are up in the air due to it's ridiculous cost. It covered subjects and areas that you would have already discovered and adventured to if you were seriously using Splunk> after passing the Fundamentals 1 exam. It was also very cramped in the room. We had to share long tables with many people, so I literally had just enough space on the table for my laptop and was sitting on the end side of the table. This means, I had to stand up and pull in each time someone wanted to leave the room. The teacher made a massive amount of stupid mistakes during her lessons. In fact, some of them were repeated all the way to the end of the training and the students in the classroom were constantly telling her to do it correctly before she even noticed the issue. Then, on the last day of training, another teacher stepped in to show us a lesson and he was foreign, which is okay, but, I didn't understand a word he was saying and other students sitting by me were asking me what he was saying. I don't get it.This is the awesome right here: after the exam, the teacher announced that anyone who took the Fundamentals 2 course in the past failed or struggled in the third course- ? It's like a disclaimer stating that the Fundamentals 2 course is pointless. Also, they surprised us by saying that the exams are no longer open book and require us to pay and go to specialized testing facilities to take them. That's a bit disheartening considering that the Fundamentals 1 exam had a lot of questions that were not in the training materials. She also, that our current certificates are now dated because of this new change. I don't have any good opinions about that company, but that is not what this blog is for.
As far as the conference itself, it was very disorganized.It seems like they were greedy and allowed too many people to attend. This made the experience rather annoying as it was forced to span several resorts- good luck running from the Swan resort to the Boardwalk resort between sessions when it's 90 degrees and super humid. Most of the sessions that I wanted to attend, I couldn't because they were full, and the hoodie size that both me and my coworker reserved, were not really reserved and all out. These are just few examples of why too many people make a conference a bad idea. I won't be attending the next Splunk .conf in Vegas even if it is free.
The Good
The Three Rivers Information Security Symposium, TRISS, is an incredible event. This years was the 3rd inaugural event. The first TRISS started in a classroom in Robert Morris University. The second year, TRISS grew and was held at the large conference room at the Double Tree Hotel, and the third - this year - TRISS was massive. It was held at the Monroeville Convention Center and had 3 rooms of sessions all day. This event blows my mind, to be honest. It's very well organized, contains talks by infosec professionals from all around the Western PA area, has TONS of sponsors (who give the swag and buy the food), and gives us a chance to network with individuals in our profession that are local. I, honestly, enjoyed this conference every time it was held. I wouldn't miss it for another.If you are an InfoSec individual in the surrounding area, I would highly recommend asking your employer to send you to this conference.
Thanks for stopping by.
~Douglas