Cyber is the problem itself

Photo by Lennon Cheng on Unsplash

The word cyber is used as a marketing term for topics roughly related to information security. Everything is cyber. We are experiencing a cyber fatigue right now. Adding the term cyber creates no additional value. It is lipstick on a pig.

If you want to create a better environment, you have to face the problem itself. Proclaiming a cyber solution will not help you. It is the headless chicken mode in action. To really improve the situation, you have to face reality.

How to improve


A motivational speech

Photo by Brennan Burling on Unsplash

What kind of work would I do if I had to do it forever?

First, you have to be an effective problem solver. For the first couple of years my motivation was off the charts. We’ve grown to subconsciously measure a person’s worth based off how many hours they work, how much is on their plate and put simply — whether or not they are running around like a chicken with their head cut off.

It was a time where I had a lot of independence in choosing how to work and what to work on. …


A short introduction into a better way of leading people.

Photo by rawpixel on Unsplash

Why introduce a new term?

In my opinion management lost its precise sharpness. It has become a dull term and it has drawn a lot of negativity. It could be resharpened, but it would be a great effort to rework such a big word. And even then you would not know what you mean by management, because it would have two meanings for some time.

The problems of management

The word management is a portmanteau (combination of two words) from the Latin phrase “manum agere”. “Manus” means hand and “agere” means to lead, act, move or even push along. But it is “manum agere” and not “manus agere”, there is…


…and make it worthwhile

Photo by Justin Kauffman on Unsplash

If you flow like water through a thick bamboo forest, you will leave your marks, no matter how gentle you are. Life means to create and therefore it has to break.

Creating and breaking

You are here on planet Earth. You will create a lot during your time. But this comes with a price. In order to create you will have to break. You need resources for your life. So make it count. Create something worthy. Generate entropy. Build something that is meant to last. Your burden is to leave this planet in better shape than you found it.

This is not as…


Why I love to solve hard problems

Photo by JC Gellidon on Unsplash

At some point in time I realized that doing something rewarding does not necessarily lead to an achievement. And most of the time achievements are not the result of rewarding work. I tried to fix this by changing my attitude towards this fact, but it did not work out for me. So why do something that is not rewarding in the process or does not lead to anything?

It feels like a waste of time. I sat down, reflected and looked for activities that are rewarding in the process and have a high probability to return achievements. These activities are…


If you walk from A to B, there are two obvious reasons why you would do it. The first is to reach B. The second is to walk.

Photo by Tom Chen on Unsplash

If you enjoy walking a lot, it does not matter to you. You are enjoying the process itself. Keep that attitude, it is very helpful, but you already knew this.

If your goal is to reach B and you don’t enjoy the journey, why should you start walking? What comes after B? Will you stay at B or is it just the next hop? Look at the broader picture.

Draw a map…


An entertaining intermediate machine

ASCII Art from the flag.txt

Introduction

MinU 1 is a boot2root machine from VulnHub. It is rated as easy/intermediate. I would rate it as intermediate, because it uses some techniques, which are more advanced. This machine may have a steep learning curve for beginners.

Solution — Spoilers Ahead!

In VirtualBox the MinU machine gets an IP address via DHCP, which is very convenient. So 10.0.0.10 refers to MinU and 10.0.0.4 refers to the attacking Kali Linux.

Nmap

I scanned the host with the options shown below and opened full-tcp.xml in Firefox.

nmap -p- -sC -sS -T5 -A -oA full-tcp --stylesheet https://raw.githubusercontent.com/honze-net/nmap-bootstrap-xsl/master/nmap-bootstrap.xsl 10.0.0.10


My experience during the course in preparation for the OSCP and a little rant.

Photo by Dil Assi on Unsplash

This week I finished my two months of PWK. I got through most of the machines, even the harder ones and into other subnets. I did it part time, so I worked and did the lab. In short: Two very intense months, but totally worth it. A truly mind bending adventure.

Organizational Matters

Offensive Security is doing a great job! I had no issues at all. No VPN downtime, connection issues or bugs (besides the intended ones, of course). A very well explained setup guide. Everything went smoothly. So nice! They even corrected the invoice for me, so that I got no…


Only a few lines of code under Linux

Photo by Samuel Zeller on Unsplash

Motivation

Recently I came across the interesting task to check thousands of machines for sensitive data. Nobody wants to leak data through a misconfigured server. One classic way is to have a forgotten FTP server, which contains an old backup of some machine or service. These often contain — of course — credentials, private keys, database dumps or whatever an administrator felt was worth backing up. Backups themselves are not a bad idea, but putting them on an anonymously accessible FTP server is a big no-no. …


What and how we can learn from monks and martial arts

Photo by Kevin on Unsplash

Ever seen a movie or documentary about monks in a monastery performing martial arts? Every time I am impressed by the level of power, precision, consciousness and calmness.

They achieve these levels of expertise through a simple, but effective concept. It is not efficient, because it is 99% hard work and it takes them their whole life.

This sounds painful, but you will understand why it is good and desirable. These people do not stand out because they wear easy-to-spot clothing. They stand out because of their mindset.

This is not an over-a-weekend recipe for success. You might…

honze

www.honze.net — 1+1=10, Hacker, Nerd, former Soldier, working as InfoSec Pro — München
