Only have 15h a week to study? Setting career goals for 2020? Want a cert where you will learn a lot?

You will notice that the OSCP is not a very welcoming cert for those who have to work 40+ hours a week and on top of that might even have a family or hobbies.

Reading people’s experiences where they are able to focus 100% of their time on the OSCP and finish the guide/exercises in a couple of weeks, plus the fact that lab access is bought by days, can be intimidating for those who can’t allocate more than…



Why?

Like many of us in IT, I am exposed to a lot of security presentations where I am told how many thousands of cyberattacks there are every day.

I could be cynical and just dismiss those numbers, but what if I were wrong?

The risk is too high, especially given how easy it is to verify those.

There are even better reasons why you should consider a honeypot:

  • Move one step forward on the kill chain by acting on the reconnaissance stage: You can detect if your network is the target of a scan and so predict if an attack is…


Detailed instructions on how to deploy the Cowrie honeypot monitored by Splunk.

The Manuka Honeypot — Keep reading and you’ll have this running in no time!

If you want to observe live, real threat intelligence, the best way is probably to deploy a honeypot.

Here are some step-by-step instructions that are fully working at the time of writing this article and that should have you gathering data in 30 minutes.

Disclaimer: As of May 2019 there are already many tools out there automating this whole process (the Modern Honey Network is a famous one); however, development of most of those tools has been abandoned and the scripts that automate all the process…


See how I played red team/blue team on this simple network security experiment.


Many tutorials out there explain how to perform DNS tunneling, but most of them feel like just a compilation of the commands needed to execute it, with almost no explanation of the networking background.

What’s even worse: No one seems to discuss how to prevent DNS tunneling from happening in your network.

1. What is it and why would someone use it:

DNS tunneling is a method used to send data over the DNS protocol, a protocol that was never intended for data transfer. …

Roger Galobardes

Cybersecurity experiments. Simplified.
