How To Build a SANS GIAC Index

How To Build a SANS GIAC Index

One of the keys to passing SANS GIAC exams is to build a comprehensive index to quickly find information during the exam.  Building an index will also help you study as it forces you to thoroughly review the material.  The steps below detail how to 

How to determine your Ring Doorbell Pro firmware version

How to determine your Ring Doorbell Pro firmware version

I have a love/hate relationship with my Ring Doorbell.  When I purchased it in 2016 it worked great for a year with minimal issues.  As it became more popular, I noticed the quality dropped with video freezes, black videos, and missed motion events.  This led 

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

About a month ago, I enabled decryption on my Palo Alto firewall and limited it only to traffic to and from my MacBook Pro.  It’s worked well and provided great visibility into the vast amounts of encrypted traffic that we see nowadays. So what’s this 

Palo Alto Firewall: External Dynamic Lists

Palo Alto Firewall: External Dynamic Lists

I recently attended Palo Alto’s annual Ignite conference for the first time.  It was a great experience for learning about best practices and networking with others.  One of the things I learned was Palo Alto’s way of handling basic threat intelligence feeds.  When I say 

Palo Alto Firewall: Home Network

Palo Alto Firewall: Home Network

My very own Palo Alto! I’m a big fan of Palo Alto Networks firewalls due to their focus on security and giving both network and security professionals incredible insight into network traffic.  To improve my understanding of these firewalls, I recently purchased my very own 

Seeing Red: The Fun Stuff

Seeing Red: The Fun Stuff

The Fun Stuff: Privilege Escalation, Exfiltration, and Persistence This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we successfully exploited our Victim using a client-side attack targeting an old version of Microsoft 

Seeing Red: Exploitation

Seeing Red: Exploitation

Exploitation: Client-side Attack This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we performed some basic reconnaissance on our target machine and determined its operating system, running services, and even what browser 

Seeing Red: Reconnaissance

Seeing Red: Reconnaissance

Reconnaissance: Know Your Target This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we got a brief overview of Kali Linux and some of its capabilities.  In this part, we’ll start