Thursday, April 24, 2014

Update On Email, Bsides London, and Plans

Hey guys,

Just a quick update to let you know a few changes that will be occuring. To start off, I have switched over emails from the old gmail one to The new email will be tekwizz123 *spamblock* @ (obviously remove the spamblock part ;) ). For now this will act as a running test, and I've also added a PGP key for that email in the event anyone would like to send encrypted email for queries or otherwise.

In other news, I would like to discuss some plans that I have for summer. These are not finalised and may change, but the direction that I'm looking at is to try to obtain my OSCE certification sometime over this summer. Once that is done, I am also looking at beefing up my skills in web penetration testing, as I realize these are severely lacking at present and I would really like to improve on this.

To do this I'm planning on taking The Web Application Hacker's handbook and actually reading through it and doing all the examples from front to back. Along the way I'm hoping to also do some blog posts on this to serve as a reminder and to also try and help inform others who might also be looking to improve in this area.

Other than that, the main plan for the summer is to use the 3 months as effectively as possible in order to get my skills up to speed whilst learning as much as possible. I also have plans for a side project with my brother, so you might see a few details of that being posted on here from time to time if I discover something interesting ;)

One last final note. I will be presenting at Bsides London 2014 on the rookie track this year on the topic of metadata and Recon-ng. Recon-ng is an incredibly useful tool, but I feel it is missing out on an incredibly useful feature by not including the ability to extract information from the metadata of a company's public documents. I will be presenting on my work that I have done over the last 3 months on working on a solution to this and will be making the source code publicly available to everyone at the conference. Essentially its FOCA for Recon-ng :)

 If this sounds interesting to you and you would like to contribute, please feel free to drop me a line giving your current skills and what you could bring to the project and I'm happy to work something out. There's a lot of things that still need to be done to bring the project up to scratch so don't feel like you're going to overcrowd the project at all ;) If you don't have a ticket to Bsides London, don't worry as I hear there will be videos being taken at the conference itself, so I'll try get a copy and post it online if I can.

Anyway, I think thats enough updates for now. Hope to see you all at Bsides, otherwise plans should start kicking into action at the end of May or beginning of June.

See ya all shortly,