TCM Security

7.3K posts

TCM Security

@TCMSecurity

Come learn to hack at TCM Security Academy! Veteran owned. Quality results.

United States Katılım Şubat 2019

393 Takip Edilen216.3K Takipçiler

Sabitlenmiş Tweet

TCM Security@TCMSecurity·1d

Looking for something to work on this weekend? Why not consider giving hardware hacking a try? In this guide, we outline some of the ways you can get started with IoT and hardware hacking. And the best part? You don't have to break your budget to begin! There are a lot of surprisingly affordable options out there. 🥳🙌 Here are some tips to get you going: 🔨 𝗗𝗼 𝘆𝗼𝘂𝗿 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵. Legalities around IoT and hardware hacking can get messy, so first research the regulations in your part of the world before getting into it. 🔨 𝗚𝗲𝘁 𝘁𝗵𝗲 𝗿𝗶𝗴𝗵𝘁 𝘁𝗼𝗼𝗹𝘀. If budget isn't a major concern, there are a lot of options. Tools like a digital multimeter (DMM) can range in price, but sometimes making that upfront investment pays off in capability and quality. You'll also want to pick up a logic analyzer, a USB-to-"X"-port adapter (as you're likely to encounter protocols such as UART, I2C, SPI, JTAG, or SWD when hacking), and various hand tools like screwdrivers. 🔨 𝗙𝗶𝗻𝗱 𝘆𝗼𝘂𝗿𝘀𝗲𝗹𝗳 𝗮 𝘁𝗲𝘀𝘁 𝗱𝗲𝘃𝗶𝗰𝗲! There are several ways you can procure a test device to learn on. You can hit up secondhand stores and garage sales to gather pre-owned test devices, or you can get a Raspberry Pi, which lets you run custom firmware on it. 🔨 𝗡𝗶𝗰𝗲-𝘁𝗼-𝗵𝗮𝘃𝗲 𝘁𝗼𝗼𝗹𝘀. Some tools aren't exactly necessary, but they are helpful! These include a helping hand, an electrostatic discharge (ESD) mat and soldering mat, a soldering iron, test clips, and extra jumper cables. If you find that IoT and hardware hacking is something you're seriously interested in, consider taking our beginner-friendly course or even our PIPA (Practical IoT Pentest Associate) certification: hubs.la/Q04gHVJS0

English

1.5K

TCM Security@TCMSecurity·2h

This networking #pentesting guide isn’t intended to be exhaustive, but it covers many of the core areas every pentester should understand, including: ⚡ 𝐑𝐞𝐜𝐨𝐧 & 𝐝𝐢𝐬𝐜𝐨𝐯𝐞𝐫𝐲 ⚡ 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐬𝐜𝐚𝐧𝐧𝐢𝐧𝐠 & 𝐜𝐨𝐧𝐟𝐢𝐠𝐮𝐫𝐚𝐭𝐢𝐨𝐧 ⚡ 𝐋𝐚𝐭𝐞𝐫𝐚𝐥 𝐦𝐨𝐯𝐞𝐦𝐞𝐧𝐭 & 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐚𝐭𝐢𝐨𝐧 Inside, you’ll find familiar tools like #Nmap and #Metasploit, along with others that can help expand your toolkit. Whether you’re brand new to pentesting or sharpening your existing skills, having a reference like this can save time and help guide your learning path. If you’re exploring certifications that align with these skills, we offer the PJPT (Practical Junior Penetration Tester) for beginners and the PNPT (Practical Network Penetration Tester) for intermediate learners. Check them out here: hubs.la/Q04gHHZ50

English

952

TCM Security@TCMSecurity·16h

@corewarrior @TaelurAlexis @CSKIP71 @d0rkph0enix @GarrGhar @pry0cc @InsiderPhD @seclilc @TheMsterDoctor1 @I_Am_Jakoby @0dayCTF @JackRhysider @CroodSolutions @AccidentalCISO @runasand @Jhaddix @Alh4zr3d @rana__khalil Thank you as always Sam! Have a great weekend everyone.

English

254

Sam Williams@corewarrior·16h

#FF of #InfoSec && #CyberSecurity professionals @TaelurAlexis @CSKIP71 @TCMSecurity @d0rkph0enix @GarrGhar @pry0cc @InsiderPhD @seclilc @TheMsterDoctor1 @I_Am_Jakoby @0dayCTF @JackRhysider @CroodSolutions @AccidentalCISO @runasand @Jhaddix @Alh4zr3d @rana__khalil

English

364

TCM Security@TCMSecurity·19h

The feeling when the weekend hits and you can focus on furthering your #cybersecurity learning (or just having fun)! 😎 Either way, let's go! Hopefully we'll see a few of you at the TCM Security Academy: hubs.la/Q04gHTcR0

English

849

TCM Security@TCMSecurity·2d

The TCM Security #affiliate program is BACK! Refer a friend, earn commissions. Ten percent of each #cybersecurity certification or live training sale made goes directly to you. 🫵 Apply today - and if you're approved, start sharing your unique link and earn some extra income. hubs.la/Q04gvZ2s0 Reach out if you have questions!

English

TCM Security@TCMSecurity·1d

Prepping for a #pentesting exam? Here are 3 easy steps to ensure your success. ✔️ Create a game plan, but don't be afraid to modify it as you go along. ✔️ Rest is important! Give yourself breaks because those can often lead to the precious "a-ha!" moments. ✔️ Make sure to eat properly and don't overdo it on the caffeine. You don't want to crash six hours into the exam. And as a bonus tip - take good notes! Seriously, your notes will become arguably your most important resource. If you're interested in taking a TCM Security pentesting exam, check out our current #certification roster here: hubs.la/Q04gwCrQ0

English

1.3K

TCM Security@TCMSecurity·2d

👋 Meet Aaron Wilson: the Service Architect for Offensive Security at TCM Security/Educate 360. Aaron's job at TCM is to break into client environments, mentor our pentesters on methodology and career growth, and help build out the new service lines we bring to market. Aaron has spent the majority of his career in IT and cybersecurity. From studying security & risk analysis at Penn State to working his first IT job reimaging Windows hospital PCs one summer, Aaron eventually landed at TCM Security and rose the ranks. He went from: 𝗣𝗿𝗶𝗻𝗰𝗶𝗽𝗮𝗹 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗲𝗿 → 𝗥𝗲𝗱 𝗧𝗲𝗮𝗺 𝗟𝗲𝗮𝗱 → 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁 So what keeps him happy in cybersecurity? It's the possibilities. "You could build an entire career doing one thing and doing it well or branch out and find many interests. This field is infinite in both breadth and depth." Dedicated to expanding his skillset, Aaron just recently earned the ISACA CISA (Certified Information Systems Auditor) – further evidence that the best pentesters never stop learning. When Aaron isn't testing networks, you'll find him grinding chess ELO through the Chess Dojo, playing tuba with the Lake Norman Philharmonic, catching Kannapolis Cannonballers games with his wife Ariel, or hanging out with their cat Snowy. His advice to anyone earlier in their cybersecurity journey: "Never compare yourself to others. Everyone has their own growth path, and your time will come if you stay consistent and motivated. If you didn't learn something new today or fail at something, you aren't growing." We're lucky to have him. 🖤

English

1.6K

TCM Security@TCMSecurity·2d

LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team x.com/i/broadcasts/1…

English

805

TCM Security@TCMSecurity·3d

Josh Mason dropped by on a recent livestream and shared with Megan Percy (Senior Product Manager) his thoughts on how to set yourself apart as a prospective job candidate. Check out what he says in this quick clip! Another way to set yourself apart as a prospective #cybersecurity candidate? Earn a certification like the PSAA (Practical SOC Analyst Associate). hubs.la/Q04gkj4W0 Our first-ever blue team cert, the PSAA ranks among our most popular (and we consistently see it namedropped in job postings, too.)

English

1.5K

TCM Security@TCMSecurity·4d

As you refine your skillset with #CTFs, don't forget about the TCM Security Academy! It has 20+ courses that will help shape you into a better pentester or defensive security professional. https://www.tcm/rocks/acad-x Looking to become more involved with capture-the-flag competitions AKA CTFs? Here are a few pointers to help you on your way, and recommendations for why and how to start. 𝗪𝗵𝘆 𝘀𝗵𝗼𝘂𝗹𝗱 𝗜 𝗱𝗼 𝗖𝗧𝗙𝘀? CTFs are clearly a way to refine your #cybersecurity skillset, but let's be more specific. CTFs help participants develop their troubleshooting skills, learn about underlying technologies, encourage learning in a safe environment, and can really appeal to people with a more competitive edge. 𝗪𝗵𝗮𝘁 𝗱𝗼 𝗜 𝗹𝗲𝗮𝗿𝗻? You can learn to use scripting languages like Python to automate tasks during the CTF, and you can get more familiar with popular pentesting tools like Burp Suite. 𝗥𝗲𝗮𝗱𝘆 𝘁𝗼 𝘀𝘁𝗮𝗿𝘁? Choose any of the numerous beginner-friendly CTFs! Popular CTFs include OverTheWire, RootMe, and picoCTF. Bookmark hubs.la/Q04g9qd70 if you decide you really want to go further with CTFs. And keep an eye open for future TCM Security CTFs!

English

1.4K

TCM Security@TCMSecurity·4d

The TCM Security Academy hosts several web app security courses, including Practical #API Hacking. If you haven't taken this course before, check out the details below 👇 In 6 hours, you will: ✔️ 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿 𝗵𝗼𝘄 𝗔𝗣𝗜𝘀 𝘄𝗼𝗿𝗸. ✔️ 𝗨𝗻𝗱𝗲𝗿𝘀𝘁𝗮𝗻𝗱 𝗵𝗼𝘄 𝘁𝗼 𝗲𝗻𝘂𝗺𝗲𝗿𝗮𝘁𝗲 𝗔𝗣𝗜 𝗲𝗻𝗱𝗽𝗼𝗶𝗻𝘁𝘀. ✔️ 𝗚𝗲𝘁 𝗳𝗮𝗺𝗶𝗹𝗶𝗮𝗿 𝘄𝗶𝘁𝗵 𝗰𝗼𝗺𝗺𝗼𝗻 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗶𝗻 𝗔𝗣𝗜-𝗱𝗿𝗶𝘃𝗲𝗻 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀. ✔️ 𝗣𝗲𝗿𝗳𝗼𝗿𝗺 𝘀𝘂𝗰𝗰𝗲𝘀𝘀𝗳𝘂𝗹 𝗮𝘁𝘁𝗮𝗰𝗸𝘀 𝗮𝗴𝗮𝗶𝗻𝘀𝘁 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗹𝗲 𝗔𝗣𝗜 𝗲𝗻𝗱𝗽𝗼𝗶𝗻𝘁𝘀. This beginner-friendly only requires that you have some knowledge of web app #pentesting and a machine that can run Kali Linux. As a bonus, this course is the last contender before you're ready to take on the PWPP (Practical Web Pentest Professional). 💪 This course is included with your All-Access Membership! hubs.ly/Q04g9wBQ0

English

1.8K

Heath@techsolvd·4d

Working my way through these certifications. @TCMSecurity is awesome for learning, highly recommended.

TCM Security@TCMSecurity

Become a certified AI hacker with TCM Security. You can earn a PAPA (Practical #AI Pentest Associate) certification by doing the following: - 𝗧𝗮𝗸𝗲 𝘁𝗵𝗲 𝗮𝗰𝗰𝗼𝗺𝗽𝗮𝗻𝘆𝗶𝗻𝗴 𝘁𝗿𝗮𝗶𝗻𝗶𝗻𝗴 (𝗔𝗜 𝗙𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹𝘀 𝟭𝟬𝟬 & 𝗔𝗜 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 𝟭𝟬𝟭) - 𝗦𝗶𝘁 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗣𝗔𝗣𝗔 𝗲𝘅𝗮𝗺, 𝘄𝗵𝗲𝗿𝗲 𝘆𝗼𝘂'𝗹𝗹 𝗵𝗮𝗰𝗸 𝗮𝗻 𝗮𝗴𝗲𝗻𝘁𝗶𝗰 𝗔𝗜 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 - 𝗪𝗿𝗶𝘁𝗲 𝗮 𝗽𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹-𝗹𝗲𝘃𝗲𝗹 𝗿𝗲𝗽𝗼𝗿𝘁 𝗱𝗲𝘁𝗮𝗶𝗹𝗶𝗻𝗴 𝘁𝗵𝗲 𝗽𝗿𝗼𝗰𝗲𝘀𝘀 & 𝗳𝗶𝗻𝗱𝗶𝗻𝗴𝘀 - 𝗔𝗻𝗱 𝗵𝗮𝘃𝗲 𝘀𝗼𝗺𝗲 𝗳𝘂𝗻 𝘄𝗶𝘁𝗵 𝗶𝘁! Get the PAPA package today: hubs.la/Q04g6zc00

English

2.3K

TCM Security@TCMSecurity·4d

@techsolvd <3 thank you, Heath!

English

313

TCM Security@TCMSecurity·4d

@kaorrosi Thank you so much for the kind words ^_^

English

ScriptKiddo | Offsec USA Chapter Ambassador@kaorrosi·4d

@TCMSecurity This was a great course and awesome exam! I learned a bunch!

English

119

TCM Security@TCMSecurity·4d

English

3.6K

TCM Security@TCMSecurity·4d

@O_n4z Hi! You can read our stance on that here: tcm-sec.com/ai-tools-and-c…

English

nvz@O_n4z·4d

@TCMSecurity Would this exam allow using ai as well ?

English

TCM Security@TCMSecurity·5d

Remember: We offer the first part of our SOC 101 course on YouTube! Looking for something to do today? We got you: hubs.ly/Q04f_ZKv0 What course should we add to our #YouTube next? 👀

English

2.6K

TCM Security@TCMSecurity·6d

For all the moms out there in the TCMS community <3

English

1.5K

TCM Security@TCMSecurity·6d

@techsolvd Thank you Heath! And thanks for the feedback - we can make note of it for future Academy updates. :)

English

647

Heath@techsolvd·9 May

Just getting started in the academy and have to say, it’s awesome so far. Easy to navigate and lessons are great. Only thing I wish they would do is order the modules in the recommended order. Maybe have a sort option based on the path you want to take?

TCM Security@TCMSecurity

If you're just starting to immerse yourself in #cybersecurity, consider joining the TCM Security Academy! Take a course like Practical Ethical Hacking, which will help you build a robust foundation as a pentester: hubs.la/Q04f_JK60 Are you new to penetration testing and trying to master the basics of #networking? You'll need to understand #networking to be successful. So, here are some core concepts to start with: 𝐓𝐡𝐞 𝐎𝐒𝐈 𝐌𝐨𝐝𝐞𝐥. This serves as the standard language for discussing different network layers. Understanding the OSI Model can allow you to be more precise in your pentest findings. 𝐈𝐏 𝐀𝐝𝐝𝐫𝐞𝐬𝐬𝐞𝐬. Although this might seem silly at first, if you aren't prepared to define what an IP address is, you may need to do some studying or risk running into issues when it comes to recon and scope. 𝐌𝐚𝐜 𝐀𝐝𝐝𝐫𝐞𝐬𝐬𝐞𝐬. The more you know, the better. Knowing more about the devices running on a specific network will only benefit you in your testing. 𝐓𝐂𝐏 & 𝐭𝐡𝐞 𝐓𝐡𝐫𝐞𝐞-𝐖𝐚𝐲 𝐇𝐚𝐧𝐝𝐬𝐡𝐚𝐤𝐞. Understanding how a three-way handshake works helps make sense of how the network is interacting with your scan. 𝐂𝐨𝐦𝐦𝐨𝐧 𝐏𝐨𝐫𝐭𝐬 & 𝐏𝐫𝐨𝐭𝐨𝐜𝐨𝐥𝐬. This knowledge will become your secret weapon during recon - allowing you to identify attack vectors and vulnerabilities. 𝐒𝐮𝐛𝐧𝐞𝐭𝐭𝐢𝐧𝐠. Don't let the math scare you away! Subnetting is useful for several reasons: It can help you stay in your engagement scope and allow you to pivot effectively to other internal networks once you are inside a network.

English

1.2K

Keşfet

@corewarrior @TaelurAlexis @CSKIP71 @d0rkph0enix @GarrGhar @pry0cc @InsiderPhD @seclilc