GSEC passed and my 2012-2013 Security-Cert-A-Palooza

I passed the GSEC exam early last week and got my certificate in the mail today. It made me stop and think what a crazy eleven months it’s been.

Last May I was fortunate enough to attend a computer forensics course in Phoenix where we took the CHFI and CCFE tests at the end of the week. Those were my first two computer security certificates and I was hooked. I hadn’t seen my wife in a week and we met up at the Phoenix Comicon (yes my wife and I are that big of nerds) and my wife said that I was “glowing” and that she had never seen me so happy. I realized that I had spent the previous six days either in class or in my room studying yet I was unbelievably happy. It’s amazing how smooth things feel when you’re doing what you should be doing.

I had taken the SANS 508 course back in 2008 but never had a chance to put those skills to use but now that I had knocked the dust off my forensics skills I was anxious to put myself to the test and try my hand at the GCFA. I passed that last summer and felt fantastic. It was by far my greatest achievement in the field. The week after I took the Access Data ACE exam to round out my forensic skillset.

I decided to start filling in my many knowledge gaps by going through the certificate gauntlet. I knocked out my A+ first and while I was studying for the Net+ I got an opportunity to attend the SANS 504 course. The course was amazing and I studied for that thing like I had never studied before. I passed the test with a 94 and had a much better test experience than I had on the GCFA since I knew how to properly prepare.

I knocked out my Net+ real quick and then decided that I wanted to supplement my GCIH knowledge with some more hands on hacking knowledge so I signed up for the attack-secure.com “samurai skills” penetration testing course. In addition to some good videos the course came with 90 days of access to a student network of over two dozen boxes to try to hack. I learned a ton and a lot of the concepts from GCIH made a lot more sense when I was forced to put them to use. A great side benefit to this course was giving me a decent understanding of Linux command line usage.

When I got shell on the final box on the network and got access to the file that I needed to earn my “Attack Secure | Penetration Tester” cert I was very proud. I know the cert is very much an unknown and I’ve got a lot more to learn but it was a step in the right direction.

After a sexual assault, I just couldn’t sleep anymore, I couldn’t go on. I started therapy with ambien 10mg, but the fear was still there at night. I spent hours pondering thoughts. My doctor wrote down a small pack (60tbl. 10mg). The first night changed me completely. I don’t want to talk about a miracle cure here, but at first, I slept as well as I haven’t in years.

I went straight from my online hacking course to the SANS 408 Windows Forensic Course in Phoenix and learned a ton about examining Windows systems. Four weeks after that class I attended the 401 course and had a great week, learned a lot and met some great people. Now that I’ve knocked out my GCFE and GSEC certificates I’ve set my sights on the CISSP. I’ll be taking the SANS 414 course in a few weeks and I’ve scheduled my CISSP exam in late May.

In Eleven months I obtained a CCFE, CHFI, GCFA, A+, GCIH, Net+, AS|PT, GCFE and GSEC and hopefully I can add a tenth cert in twelve months by passing my CISSP.

Comments

Post a Comment

Popular posts from this blog

SANS Index How To Guide with Pictures

Image
I got some great advice recently on creating an index for SANS exams and I wanted to write a blog post to share it with others. I took the SANS FOR 508 Computer Forensics course in 2008. It was way over my head but I had a great time and learned a ton. A few months ago I finally decided to go for my GCFA certification. I had four year old material from a course that had been completely revamped and no index. I passed the exam with a score in the 80s but it was a grueling experience. I had to rush on the last part of the exam and never felt comfortable. A few months after my GCFA exam I got an opportunity to attend a SANS SEC 504 class. I really wanted to prepare for my GCIH exam the right way so while I was at the conference I asked several individuals how they prepared their index. Most people told me that their indexes were 8-10 pages. A lot of these people had more SANS certs than I have friends so their methods obviously worked for them. My class had a teaching assistant (also SANS
Read more

Introducing FaviconLocator: The Eazy Button to Searching by Favicon

Image
  Favicons (short for favorite icons) are the cute little pixelated images that appear next to the site name in web browser tabs, bookmarks, etc. In the image below we can see the iconic GitHub logo on their site and the KFC logo on a bucket of chicken on their site. Originally, favicons were designed to add a touch of professionalism and branding, but for anyone who is like me and has over a dozen tabs open at any time, favicons are the only thing displayed and how I navigate tabs. Most of us rely on favicons on a daily basis but many never think of them as a tool we can use in OSINT and CTI investigations. That’s what we’re doing to talk about here as well as introduce a new tool. In addition to branding and aiding in navigation between tabs, favicons can serve as unique identifiers for websites. These unique identifiers can help us: Trace the online presence of organizations and discover obscure digital assets Map the online infrastructure of potential threats Potentially de-ano
Read more

Automating Domain Squatting Detection with DNSTwist and Python

Image
  There’s a good chance that, at some point, you’ve received a spam email with a link that looked close to the name of a popular domain but was just a little off. Payapl.com instead of Paypal.com or similar. Domain squatting is a malicious activity where attackers register domain names similar to legitimate ones. Attackers may use these domains to deceive users into believing they are visiting a legitimate website, which can lead to phishing and other attacks. DNSTwist (available here: https://github.com/elceef/dnstwist ) is a popular tool that helps identify domain names that are similar to a given domain name. It generates a list of potential domain names by applying various fuzzing techniques to the given domain name and then checks if these domains are registered. Check out the list of Bank Of America copycat domains: DNSTwist is an amazing tool that should likely be a part of every organization's Cyber Threat Intelligence monitoring efforts, and I wanted to automate it
Read more