ex nihilo nilhil fit


2020-09-07

Infosec Learning in August 2020

I figure I should start appending a year to these as we get closer to the end of the year. My static blog generator doesn't order these things in any logical way so perhaps this will mean less guesswork if you're trying to keep up. I might want to consider RSS support as well, especially now that I'm not doing any sort of social media at the moment (again).

With all of that out of the way, let's dig into my learning path for the previous month...

kali.training

I finally wrapped up this site after several weeks of on-again, off-again reading. It was all relatively elementary but I wanted to dive in for a refresher. I picked up a few useful bits of information but overall I probably could've done without it. At the very least I know a little more about how Kali deviates from mainline Debian.

Somewhat related: we saw new Kali and Parrot releases last month. Both are pretty great and have made some interesting choices. I don't use Parrot as much as I'd like to but I find it to be pretty well on par with Kali. Better even in some aspects such as privacy tools.

Udemy

I added several courses to my Udemy profile. I had access to Udemy when I worked for Malwarebytes as part of company training. I don't really learn that well via video but I really enjoyed absorbing information from the site. With that memory, I jumped in on a few courses:

All of these courses are pretty introductory and I know a lot of the content. My goal here is to get a solid refresh on basic techniques and see how they've evolved through the years during my inactivity. I definitely want to fill in the gaps in my existing knowledge.

I've started the first course listed. The first three are taught by Heath Adams ("The Cyber Mentor"). I don't really care for his approach to things or personality but his content is really thorough with good explanations. I find that increasing the video speed to 1.5x (and sometimes 2.0x) helps a lot.

I do wish I had a course like the first one back in the late 90s or early 2000s. Sure it cheapens the whole L337 experience but times have changed quite a bit. This stuff is still fun but it's practical for me now.

I haven't yet started the other video courses and I expect to progress slowly on these given the next topic...

eLearnSecurity PTPv5 and eCPPT

I received a discount code for the eLearnSecurity courses while hanging out in the red team village chat during DEFCON 28. Initially I signed up for the PTS (penetration testing student) course which is free if you don't sign up for the videos/labs. I found it to be a little too introductory and used the code to sign up for the PTPv5.

I'm halfway through the module on System Security (CPU architecture, assembly code, buffer overflows, malware, etc.), which is to say I'm barely into the coursework at all. It's been really heavy stuff but I'm enjoying it. I'm told there are 7 days to complete the practical part of the exam with another 7 days to write a report.

I was going to aim for the OSCP but I thought that with this discount, it'd be worth attempting this certification first. I'm already gaining deeper insights into some areas that I understand. I just hope the coursework does a good job of exam preparation.

C++ Crash Course and Applied Network Security Monitoring Cont...

I'm still working through the C++ Crash Course as part of my learning plan with my employer. Still finding it to be a useful book. I'm only spending small amounts of time daily on it, though, so progress is slow.

After reading through about 3/4 of Applied Network Security Monitoring, I've mostly lost interest. I try real hard to read books all the way through and I may come back and finish it but the electronic format makes that difficult for me at the moment. I may pick up a paper copy.

Speaking of dead trees, I now have physical copies of UNIX Network Programming on my shelf. They're next up on deck for the learning plan at work.

Whitepapers and Articles

I spent a lot of time this month with various papers from the SANS Reading Room and the ACM Digital Library. I found the new DTRAP journal from the ACM to be really interesting. Communications of the ACM also had a great article titled "Spectre Attacks: Exploiting Speculative Execution". I learned a lot about Spectre and Meltdown from that particular piece.

DEFCON 28, USENIX Security '20, WOOT '20, and CSET '20

After attending SANS DFIR back in July and then DEFCON and USENIX Security in August, I believe I have a little bit of conference fatigue. I was signed up to attend Wireshark's Sharkfest '20 and I'm glad it was canceled. They opened it back up for a remote conf but I have no desire to attend.

DEFCON 28 was a great time. It was hard to keep track of what all was happening but it was fun to see all the talks and attend some of the entertainment. It was my first DEFCON. I had the chance to go back in the early 2000s but turned it down. I wonder if maybe DEFCON has gotten too big? I'm not sure if I'd attend in person. It's one of those things where I consume as much of the published content as I can from a distance. I'm glad it's still going. Between DEFCON and the CCC, I learn a lot of really neat things every year.

USENIX Security '20 (plus WOOT and CSET) were nice. The talks on the papers were really short, though. It was just a 15-minute abstract basically for each paper. I would have liked some longer talks but I did have the papers to read if I got lost. There were 5 co-located conferences but I only attended WOOT and CSET. I did watch a couple of talks from SOUPS but I didn't have the time or attention span for anything more.

At this point, I plan to watch the CCC at the end of the year and share the videos but I'll be avoiding further confs for a while.

Misc. Stuff

Via recommendation from the Udemy courses, I started taking some notes with Cherry Tree. This is a big departure from my heavy usage of emacs' org-mode. I was using Zim Wiki for other journaling but I found Cherry Tree to be a little better. I've also started tinkering with Geany for some of my code editing. I don't have big plans to leave emacs behind but these have been interesting things to play with.

Cherry Tree may stick on my heavy note taking for classes because of the various graphical features that I don't get with org-mode (though I could probably duplicate some of them closely enough). I'm unsure if I'll stick with Geany, though. It has been a lot of fun and has that Free Software flavor to it at least.

Finally, I spent a good week and a half waking up very early to study because of the whole 'productive people wake up early' nonsense. I'm convinced it's just that: nonsense. I hit my peak brain levels between 1400 and 2200 and that's just fine by me.
