Cool stuff I’ve recently read

Cool stuff I’ve recently read

On my mailing list I recently posted a list of things I’ve recently read that I found interesting, and after some consideration decided to post these links here. While there’s a lot of activity on the list, I thought there are some of you out there who read the site but haven’t yet signed up. Now you know some of what you’re missing, you can sign up at the bottom of this post if you change your mind.

I saw an interesting slide deck by Riyaz Walikar on Windows Privilege Escalation, it’s a really good summary of the common ways of escalating privileges on a compromised Windows box. There are lots of different ways to escalate privileges on Windows, but they’re nearly all a little finicky and it’s sometimes a case of cycling through them to see what works. Having them in one place is mighty handy, so it’s definitely worth a look, even if you already have a good understanding of the different approaches.

I really enjoyed reading ZephrFish’s article on getting into the pentesting industry, he has a bunch of cool resources to look at (some of which may be familiar, some not) that you might find useful if you’re looking to break into a pentesting career.

I also found this piece on overcoming social awkwardness a good read. We all experience it in some form, and especially at events it can be hard to find the courage to talk to new people, when they may well work for your very next employer. If you think you might struggle talking to people about jobs at events, then it’s definitely worth a look.

For those of you in the UK it’s time to start preparing for BSides London, a free one-day event with talks and workshops. If you’re not in the industry and want to get in, it’s definitely worth a visit. I’ll be on the 44CON stand with a few bits and pieces to give away. BSides London’s CFP process is entirely open to the public, with talks selected by public vote. Only you can help shape the talks on the day, so please do vote.

I’ll have another long blog post for you in a couple of weeks time, if you’ve enjoyed “Cool stuff I’ve recently read”, sign up for the mailing list below and you’ll never miss my latest content.

Tagged , , .

Steve is a full-time penetration tester and founder at Mandalorian and co-founded UK Information Security Conference 44CON in 2011. He is also the author of upcoming penetration testing guide Breaking In.