So! I have not written anything in a while because of school, family, and daily life stuff! Remember, it is not about yourself; it is about having fun with everything that you do and doing it to the best of your capacity. Over the last week and a half, all I have been doing is playing with Docker. The best way to play with Docker is to straight up get your hands dirty with it. I used this lab, https://labs.play-with-docker.com/ and I also had a tutor show me some stuff on how to make a Dockerfile. You can find a kind of cheat sheet of the anatomy of a Dockerfile here: https://gist.github.com/adamveld12/4815792fadf119ef41bd
Another thing that I did was upload the Dockerfile that I created to my GitHub using the command line, basically to practice with it. You can find the bare bones of what you need in a Dockerfile explained here in my GitHub: https://github.com/santiago0072002/DockerRepoTraining/blob/main/Dockerfile
In fact, I just went to Docker Hub and downloaded Python on Docker. Why Docker, you might ask? Well, it is something else to learn. You can run a service inside Docker without using a virtual machine. It is a crazy process in which the image becomes a container, and everything you need might be inside the container, using the host OS underneath, but the container will basically be a process. So basically you can run a service in Docker, such as a database, and a lot of other stuff. I actually like Docker and I have no clue why, but once I got it working and executing commands, then game on!
In the cyber security world you have to know how to defend Docker. There is a CIS Benchmark that you can use that talks about how to defend Docker; as an attacker you will want to use Docker to establish persistence. When you defend, you have to know how an attacker might use the service, and this is the reason that drove me to learn about Docker. I am convinced that in order to defend, you might have an idea of how to attack it; it helps you defend it. If I am running a database in Docker, there is nothing worse than leaving the default password or having an attacker enter nothing into a query to get information out. The CIS Benchmarks also have information about how to harden your database too.
In college right now we are learning PHP and MySQL. I am OK when it comes to SQL, but I suck with PHP. When it comes to SQL I like using https://www.w3schools.com/sql/ and the same site when it comes to PHP. There are little tricks to tell you everything about a database, basically a SQL injection, but you have to know what to look for.
Two years ago I used Burp Suite Pro, and their academy is very good for practicing some offensive stuff such as SQL injections. Here is the link: https://portswigger.net/web-security and it is FREE!!! The Burp Suite Pro version is not free, though, but the other option is to use OWASP ZAP, or maybe you can make your own tool. 🙂 I like SQL, actually.
As far as cyber security goes, our next competition will be next month, April 18, competing against some of the best schools in the Southeast region. Our team is pretty good. I am trying to automate as much as possible while getting rid of the low-hanging fruit stuff. Some Google searches can take you straight to what you want, but the problem is looking for something that you don’t know. This is when thinking outside the box helps a lot when it comes to Google dorking.
For the next competition, this is what I am going to check, in order: make sure my internet works, and if not, then I might have to restart the service and hook up the internet and service using the right IP addresses; after that get AV, then download Python, then Wireshark; go offline; run my AV; run Wireshark to see if there are any beacons; check my firewall rules; check my users; check who else besides me has access to the system; check cron to see if there are any scheduled jobs; check the wheel group and change passwords for every user in the system; run a script to harden the system to the point that you can’t do anything without inputting the password, but guess what!! Whoops! I just changed your password! HAHA! I think this is fun. This is pretty much basic stuff, and just by checking off the basic stuff you should be able to be safe for a while in a cyber security competition.
I am also learning YARA rules thanks to a friend, and I am always keeping myself learning Python and getting better. Anyway, this is all for now! TTYL! Get some of those links! What are good resources that you are using? DevOps is the thing to learn, but I like Python, offensive security, defensive security and programming. I love this field.
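
The user, wheel-group and cron checks from the checklist above, written as a read-only shell script. This is an added example, not the author's competition script; the function names and the sample passwd, group and crontab contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only triage of accounts, the wheel group and cron.
# Each function reads the file given as $1 (on a live host: /etc/passwd,
# /etc/group, /etc/crontab), so it can also be run against copies.

# Accounts with UID 0; anything other than root needs an explanation.
uid0_accounts() { awk -F: '$3 == 0 { print $1 }' "$1"; }

# Accounts whose shell permits an interactive login.
login_accounts() { awk -F: '$7 !~ /(nologin|false)$/ { print $1 }' "$1"; }

# Members of a privileged group, one per line (group defaults to wheel).
group_members() {
    awk -F: -v g="${2:-wheel}" '$1 == g {
        n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i]
    }' "$1"
}

# Active (non-comment, non-blank) lines of a crontab-format file.
cron_entries() { grep -vE '^[[:space:]]*(#|$)' "$1" || true; }

# Constructed sample data (not from a real host) so the script runs offline.
SAMPLE=$(mktemp -d)
trap 'rm -rf "$SAMPLE"' EXIT
cat > "$SAMPLE/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc_backup:x:0:0:backup:/var/backup:/bin/sh
EOF
cat > "$SAMPLE/group" <<'EOF'
root:x:0:
wheel:x:10:alice,svc_backup
users:x:100:
EOF
cat > "$SAMPLE/crontab" <<'EOF'
# m h dom mon dow user command
SHELL=/bin/sh

*/5 * * * * svc_backup /var/backup/sync.sh
EOF

echo "UID 0 accounts:";    uid0_accounts  "$SAMPLE/passwd"
echo "Login accounts:";    login_accounts "$SAMPLE/passwd"
echo "wheel members:";     group_members  "$SAMPLE/group"
echo "Active cron lines:"; cron_entries   "$SAMPLE/crontab"
```

On the sample data the second UID 0 account, `svc_backup`, also shows up in wheel and in cron, which is the kind of overlap these checks are meant to surface before any passwords are changed.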