BrakeSec Education Podcast podcast show image

BrakeSec Education Podcast

Bryan Brake, Amanda Berlin, and Brian Boettcher

Podcast

Episodes

Listen, download, subscribe

BrakeSec Education Podcast podcast on Apple PodcastApple Podcasts

Tony Robinson, leveraging your home lab for job success - Part2

• 57 min

Tony Robinson (@da_667) Thought we’d put in a little news to round out the show https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/ https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/ https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html Similar device on ebay: https://www.ebay.com/itm/324762812721   https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/   https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html   https://0xdf.gitlab.io/ www.leanpub.com/avatar2  MSRP = $30 USD Book changes   What is the end goal?  Upskill? Independent consultant? Promotion? Bug bounties? Lab setup -    Lab setup types   Cloud based -  Desktop/laptop/NUC -  Server -    Good VMs to   https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day WIndows machines   What other home lab equipment have would be helpful? Testing IoT/embedded devices? Car hacking? Malware analysis? https://bazaar.abuse.ch/ Virus Total Intelligence Honeypots @malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877 Analyzing binaries? Patch analysis (patch tuesday, print nightmare, etc)? https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html https://www.netresec.com/?page=networkminer   Soldering? Oscillators for voltage checks? Wireless? Old cellphones (mobile apps, don’t need cellular) Personal assistant devices (used IoT devices?) Accessing data stored on devices   Specific software licenses?  Burp? If I’m trying to break into infosec, how do I use my lab to sell myself to an employer? Does the employer care?  How can someone show what they’ve learned in a way that shows the value?

BrakeSec Education Podcast RSS Feed

Share: TwitterFacebook

Plink icon