⫒⟑⩃

@G0LDEN_infosec @Jhaddix @OliviaGalluccii Great talk guys!

Just dudes being hackers @Jhaddix 🤷‍♂️👨‍💻 Picture cred: @OliviaGalluccii

Sad to learn we lost another member of our community. #fuckCancer dignitymemorial.com/obituaries/las…

@wan0net @tsujamin But agree there are plenty of other systems and services that only require a license number.

@wan0net @tsujamin For Australian Government systems that validate identity documents against DVS, they require license number and card number. At least this looks to be the case for #MyGovID mygovid.gov.au/verifying-your…

Isn't the licence number... The card number? What the actual fuck.

Weak pentest report filler findings: Server headers Weak TLS ciphers Out of date jQuery What else?

@nullenc0de @hakluke Ahh, the classics

@hakluke Here is a very # of findings I found in a Verizon pentest report: 20+ more Authentication Form Field Auto-Complete Large Number of API Keys Can Be Generated Web Server with “robots.txt” OPTIONS HTTP Method Enabled TCP Timestamp Requests TLS Information Cached to Disk

@synick Next level, presuming some kind of ICS CTF?

The Game Boy Camera still has a hold over many to this day, as charming as it is... hackaday.com/2020/10/26/the…

@AlyssaM_InfoSec Hot Damn!

@bengoerz zer1t0.gitlab.io/posts/attackin…

$20 at Lowe’s == 1 under-the-door tool, 42 extra fat of 550-paracord, and priceless client WTFs. Some people just don’t know about these things.

@x0dium @ComfyConAU @PentesterLab I had some success with Lusha recently, getting mobile numbers and personal email addresses from LinkedIn profiles. Free account gives you five lookups a month.

What’s your favourite OSINT tool or technique? Bonus points for interesting ways you have used it. Drop some knowledge 👇 I have a @PentesterLab 1 month sub for some helpful responses ☺️

@kevinmitnick @ChrisGatford happen to leave something behind?

@AusCERT @kevinmitnick @KnowBe4 Do I get a meet and greet for tipping you guys off that he was in Australia? 😏

🎺Another exciting NEW announcement to cap off the week. @kevinmitnick Chief Hacking Officer @knowbe4, Security Consultant, Public Speaker, & Author will be joining us at #AusCERT2021! He will be at the Speed Debate session on Fri afternoon, 14.05. A session not to be missed!

@voltagex Any good manager would support your growth, even if that meant losing you to another team or employer.

@voltagex Bit of a backhand compliment then. Sounds to me like a failure of your manager to properly succession plan and not a short coming on your part. There is also a tendency in the APS for managers to hoard resources as a way of empire building.

@voltagex Was this said to you in a positive light, or in the sense that your boss is not letting you grow or move to another team?

@silviocesare Thank fellas, got it working. Appreciate you all taking the time to assist. Now to finish the last two challenges on this hardware CTF

@silviocesare Thanks guys, I think this was the issue. I was using python3 with the serial library. Will give it a go with python2 tonight. Thanks all for the suggestions 🙏🏼

Struggling to get the #infosectcbr #busside to work. Hoping someone can offer some advice. Tried on MacOS, Ubuntu & Kali. +++ Connecting to the BUSSIde --- Couldn't connect. --- Unplug the BUSSide USB cable. Wait a few seconds. --- Plug it in again. Then restart the software.

@kevinmitnick Any chance you’ll be sticking around for the #AusCert conference happening in a couple weeks?