About

This site is designed to provide a one stop shop for all your practical learning in pursuit of a cybersecurity career. I have taught technology classes and hold 21 certifications from Microsoft, Comptia and ECCouncil. I also have done Penetration Testing for a couple of different companies, so I have a unique view on the book smart aspect of cybersecurity and the real world practical application of techniques for cybersecurity. I have found throughout the years that people learn better when the actually do. You can read books all day long, but until you try breaching your first server, you will not be able to apply what you read.

In my opinion, Capture the Flag and Wargames are some of the best ways to learn cybersecurity techniques. So in my Pop Pop Pop Another Server Drop series, I run through various CTFs, but I stop to explain why I am using a certain command, why I am doing a certain recon in a certain order. I find these are missing in generic CTF walkthroughs so my goal is not to just give you a solution to a CTF, but to formulate a repeatable plan when attacking machines and apply critical theory to it.

I also have built an entire Aplication Security Program from scratch at one company, so my Bounty Hunter series focuses on Application Security specific items. These will also prepare you for doing bug bounties and understanding how and why a particular web exploit works.

The essential series is where I go over specific generic cybersecurity topics that do not fit into the other two categories, like a discussion on certifications, or a lesson in system hacking.

I hope you enjoy your stay here and feel free to contact me at sh1katagana1@protonmail.com for any questions.


Comments

Post a Comment

Popular posts from this blog

These arent the rclones youve been looking for...

Image
I recently came across an interesting technique used by many different ransomware groups that is used for data exfiltration. In this current age of ransomware, it is becoming more common to see double and sometimes triple extortion, where they are exfiltrating the data out before encrypting so as to have some leverage should the company not decide to pay up. One such tool being used is called Rclone https://rclone.org/ What is interesting about this tool, it's a self contained executable and doesnt have to be installed on Windows. You simply download the zip file, unzip it and you can start using it. Its strength lies in being able to communicate and upload to a large number of cloud storages via command line. A list of all the ones they currently support is found here: https://rclone.org/docs/ One of the ones I tested recently was its connection to Mega.io. If a company isnt blocking outbound to these cloud storages, they run the risk of easy data exfil via this tool. To set it
Read more

Retro (Pop Pop Pop Another Server Drop)

Welcome to another entry into our Pop Pop Pop Another Server Drop series. Today we will be popping Try Hack Me's Retro challenge. This will go over basic scanning and enumeration, RDP, and post exploitation. Enjoy
Read more

Channel Update 6/9/2022

Image
I have not posted cybersecurity videos in a while as I was transitioning roles at my work place and was focused on that. Now that im settled in, i want to resume my normal video cadence, with a focus on Intel Bytes, a playlist dedicated to Threat Intel. I will also make more Pop Pop Pop Another Server Drop videos, and I have also started doiong some videos on my adventures in virtual reality, my new hobby. So, stay tuned for more killer vids!
Read more