passkwall.net

Hacking, Red Teaming, Offensive Engineering

Tag: pentesting

The "Lost Highway" of security.

How I transitioned into security, and what I would do differently (2022 edition)

Posted on October 13, 2022 by passkwall

I was visiting my parents over the winter holiday back in 2018. The cold air nipped at my bare arms and the North East Coast breeze was a stark reminder of how much colder it gets versus the warmth of the West Coast; I was running outside to catch a phone call. My fingers had…

What the OSCP doesn’t prepare you for in the workforce, and how to get caught up!

Posted on April 29, 2022 by passkwall

When I took my OSCP exam, I had less than two years of professional experience in the security space. While I did some of my own learning in terms of webapp testing, hackthebox scenarios, and the PWK (Pentesting with Kali) material, it doesn’t replace working alongside your peers on a security team. I did, and…

Homoglyphs and Bypassing Web Application Controls

Posted on March 21, 2022 (updated March 22, 2022) by passkwall

As with most articles I write, this post comes from a particular engagement where I was tasked with re-testing fixes engineers put in place for an XSS (Cross-Site Scripting) vulnerability. While the details of the exploit will not be discussed here, the bypass technique using homoglyphs is fair game. What’s a ‘Homoglyph’? According to Wikipedia,…

Visualizing Network Scans and Identifying Relationships with Neo4j

Posted on March 11, 2022 (updated March 13, 2022) by passkwall

Networks can be gigantic, period. Scanning from different network vantage points can also be challenging. The more and more I started getting into the weeds of a network using Masscan and Nmap, the harder it was for me to make visual sense of its topology. Sure, I could use spreadsheets like everyone else but this…

Second Serving of the OSCP — My Exam Experience(s)

Posted on February 22, 2021 (updated March 17, 2022) by passkwall

For the uninitiated, the Offensive Security Certified Professional (OSCP) is an ethical hacking certification that demonstrates a pentester’s ability to breach systems in a timed manner as well as document their findings in a professional and ethical manner. In the security world, the certification is the de facto entry-level certification known for its toughness coming from…
