WarLord
Active Members-
Posts
649 -
Joined
-
Last visited
-
Days Won
28
Everything posted by WarLord
-
Fac acuma un curs de C++ printr-o facultate, si studiem din Gaddis. http://cplusplushelp.weebly.com/uploads/2/5/6/5/25655197/0136022537.pdf (Daca esti interesat de o carte) Ca si compilator folosim Netbeans, dar poti sa folosesti si Dev-C++. Netbeans ii mai greu de configurat, dar pentru curs ii obligatoriu; acasa cand inveti in particular, faci ce vrei. Spor la treaba!
-
Angajații IT, fără scutire la impozitul pe venit
WarLord replied to Nytro's topic in Stiri securitate
Adica ai vrea sa iti dea chitanta pentru mita? Pai ce sa faci cu ea? S-o bagi la impozit?! -
Angajații IT, fără scutire la impozitul pe venit
WarLord replied to Nytro's topic in Stiri securitate
Nu sunt hater deloc doar ca mi se pare un lucru anormal. Nu am auzit de nici o tara civilizata sa faca asa ceva. Macar asta ii mai tine pe tinerii romani in tara: scutirea de taxe daca lucrezi in IT. Sper macar sa vi se merite, daca tot laudati asta asa de mult! -
Angajații IT, fără scutire la impozitul pe venit
WarLord replied to Nytro's topic in Stiri securitate
Mai rar sa vezi asa ceva: pentru ca lucrezi in IT, sa fi scutit de impozit pe venit. Numai in Romania ii posibil asa ceva! -
@Costi - nu trebe sa dai numele firmei, dar daca poti sa dai mai multe detalii despre internship. Cum l-ai gasit? A trebuit ceva cunostinte de baze? Ce fel? Te-a luat pe baza de interviu, sau au luat pe oricine? Poti sa fi descalificat pe perioada internshipului? Cat timp a durat internshipul? Ce ai invatat in timpul internship-ului? Ai lucrat la ceva proiecte? Poate imi dai un exemplu. Ce technologii ai invatat? Ca saltul de la turism la programare, ii destul de mare Poate o sa te mire intrebarile de mai sus, dar le intreb, ca sa imi fac o parere generala. Momentan studiez pentru un internship, si mi-au dat aia o carte "The Web Application's Hacker Handbook 2", ceva online web application, cu nivele, si apoi am 2 interviuri ca sa intru in internship; deci am destule pe multe cerinte. Studiez cartea in paralel cu cursul de la eLearnSecurity WAPT.
-
https://mytorrents.org/Pentester+academy
-
Am intrebat pentru ca citeam articole, in care s-a luat interviu de la resurse umane si manageri din Romania, si parerea lor a fost ca numa' proiectele de rahat ajung in Romania; adica alea pe care cei din strainatate nu vor sa le faca ca-s sub nivelul lor, si le trimit afara, gen outsourcing. Chiar eram curios de salar! Poate cei care cunoasteti salarile din Romania, in InfoSec, puteti sa postati cerintele pentru jobu' vostru, avand in vedere ca stiti salariile luate. Daca ne lasa admini' sa ne intindem mai mult pe threadu' asta, poate vorbim despre ce situatii ati intalnit. Probleme pe tema de InfoSec in Romania, se cauta CISSP, CEH, OSCP, etc.
- 43 replies
-
- defcamp
- defcamp 2016
-
(and 2 more)
Tagged with:
-
Asa ca tot ziceai ca se castiga bine in InfoSec (si sper ca vorbeai de Romania), cam cat se castiga in Romania in InfoSec?
- 43 replies
-
- defcamp
- defcamp 2016
-
(and 2 more)
Tagged with:
-
UK to spend extra £1.9bn fighting cyber-attacks
WarLord replied to QuoVadis's topic in Stiri securitate
Asta inseamna locuri de munca...pentru doritori ! -
Step 1) Start reading! There are some go-to books that you can buy to help you learn the basics and essentials of penetration testing and bug hunting. Since bug bounties often include website targets, we’ll focus on getting you started with Web Hacking and later we’ll branch out. Note -> It's very important to focus on an area of hacking that is interesting & exciting to you. Focus on that one area and pick up new things as you go, but don’t try to be the “ultimate hacker” and learn everything. The greatest hackers on Bugcrowd have specialities and areas of interest, but they don’t know how to hack everything. Hacking is a lifelong journey of learning. Your two go-to books are the following: The Web Application Hacker’s Handbook256 This is an absolute must-read and considered the web-app hacker’s ‘bible’. This book starts from square one, walking you through getting Kali Linux installed all the way through using tools and finding exploits. OWASP Testing Guide v4968 Highly suggested by Bugcrowd’s Jason Haddix For further reading: Penetration Testing102 The Hacker Playbook 2: Practical Guide to Penetration Testing75 And for our Mobile hacking friends: The Mobile Application Hacker’s Handbook50 iOS Application Security27 Step 2) Practice what you’re learning! While you’re learning it’s important to make sure that you’re also understanding and retaining what you learn. Practicing on vulnerable applications and systems is a great way to test your skills in simulated environments. These will give you an idea of what you’ll run up against in the real world. Hacksplaining1.1k This is a great site to learn a bit more about various web hacking techniques and how they’re done. It’s actually more of a practical walk-through. Super useful! Penetration Testing Practice Labs911 This site has a massive list of practice apps and systems for several hacking scenarios. Use this list to find new testing labs and sites to practice your skills. Step 3) Read tech write-ups and POCs (Proof of Concepts) from other hackers and watch tutorials on YouTube! Now that you’ve got a baseline understanding of how to find and exploit security vulnerabilities, it’s time to start checking out what other hackers are finding in the wild. Luckily the security community is quite generous with sharing knowledge and we’ve collected a list of write-ups & tutorials: Bug Bounty write-ups and POCs Collection of bug reports from successful bug bounty hunters. Bug Hunting Tutorials Our collection of great tutorials from the Bugcrowd community and beyond. /r/Netsec on Reddit236 Netsec on Reddit is almost exclusively tech writeups and POCs from other researchers. A fantastic resource. JackkTutorials on YouTube330 Jackk has created many tutorials that walk you through CSRF, XSS, SQL Injection, Target Discovery and much more. DEFCON Conference videos on YouTube118 Watch all of the talks from DEFCON over the years. Very useful resource. Hak5 on YouTube112 Hak5 typically focuses on hardware hacking, but in addition to that they also have the ‘Metasploit Minute’ show, HakTip: NMap and much more. Awesome-Infosec189 This is a curated list of helpful security resources that covers many different topics and areas. Step 3-A) Gather your arsenal of tools Tools don’t make the hacker, but they’re certainly helpful! Bugcrowd has curated an extensive list of tools that you can add to your bag of tricks: Bugcrowd Researcher Resources - Tools Step 4) Join the community! You’re joining a global community of over 29,000 hackers. Luckily many of these hackers are happy to share their knowledge with a fellow polite & curious researcher. Follow White-Hat Hackers on Twitter269 A list of bug bounty hunters that you should be following. Join the #Bugcrowd IRC channel103 to talk to over 100 security researchers Follow @Bugcrowd on Twitter62 to keep up with the latest infosec news Join the Bugcrowd Forum57 for more resources & to chat with other researchers Step 5) Start learning about bug bounties Okay, now you’re at the point where it’s almost time to start hunting for bounties. But first, let’s learn how bug bounties work and how to get started, just to make sure we maximize our chances of success. How to approach a target Advice from other bug hunters that will help you find more success when approaching a bug bounty. How to write a Great Vulnerability Report100 This will walk you through how to write a great vulnerability report. The better your report, the higher chance you will get a bounty! How to write a Proof of Concept65 Proof of Concepts show the customer how your bug is exploited and that it works. This is crucial to being rewarded successfully. How to Report a Bug51 Our walkthrough for reporting a bug via the Bugcrowd platform. Bug Bounty Disclosure Policy46 These are the rules of the road. It’s very important that you understand the bounty program’s bounty brief and disclosure policy. Read the Bounty Hunter's Methodology This is a presentation that @jhaddix gave at DEFCON last year and it's a super useful look at how successful bounty hunters find bugs. Check out the Github and watch the video88. How To Shot Web - Jason Haddix's talk from DEFCON23 Step 6) Get hacking! It’s time to start hacking! When you’re new and getting started, it’s probably best not to try hacking the most popular bug bounties out there. Trying to hack Tesla Motors, Facebook, Pinterest and others will likely end in frustration for beginners, as those companies are very popular and are more secure because they receive many bug reports. Go for the Kudos only programs297 Instead, focus on bug bounties that have likely been overlooked by others. These are often bug bounties that don’t pay rewards but instead offer kudos points on Bugcrowd. These ‘kudos points only’ programs297 are a fantastic way to get started with bug bounties and to show your skills to Bugcrowd. After you’ve submitted some valid bugs to Bugcrowd, even if they’re kudos rewards only, you will likely start receiving invites to private bounty programs. The private bounty programs are invitation only and restricted to a small number of people, which means less competition and a higher likelihood of successfully finding a bug. Step 7) Always Be Learning & Networking Like we mentioned earlier, hacking is a lifelong journey of learning. This is what makes this field so exciting! There are always new articles and presentations to learn from, interesting people to meet at conferences or local meetups, and new opportunities to pursue. Bug bounties are a fantastic way to enter the InfoSec community and build your career. Use bug bounties as a way to make extra money, improve your skills, meet new people, and even build out your resume. Remember, always act professional and treat people well. This is a small community and we like to take care of each other - you never know who you might meet!
-
NSA's Hacking Group Hacked! Bunch of private hacking tools leaked online.
WarLord replied to a topic in Stiri securitate
Downloadu merge, dar nu le poti decripta! -
Eventual companiile straine trec printr-o criza de a gasi "sclavi" pentru muncile lor, ca defapt asta ii Romania, o piata de desfacere de produse ieftine de calitate inferioara, si o piata a muncii pentru companiile care cauta forta de munca cat mai ieftina, ca sa isi reduca costurile, si sa isi urce profiturile, gen outsourcing. De fapt, asa se plang toti angajatorii romani, ca nu mai gasesc oameni pe care sa ii angajeze. Am citit cazuri de la brutarii, pana la IT, parca si ceva in domeniul cercetarilor! Poate cei care lucrati in Romania pe la Bucale, Cluj, etc, poate da-ti si exemple concrete si reale de la locul vostru de munca.
-
SecureWorks - Penetration Tester Sr./Principal - UK/EU Remote (de pe forumurile lui OffSec) SecureWorks - Penetration Tester Sr./Principal Location: Remote Based - UK preferred (EU considered) Schedule: Full-time SecureWorks is looking to hire a number of consultants to join their growing penetration team in the UK (EU location considered). The Penetration Testing Consultant supports the Security and Risk Consulting, Technical Testing team, by applying information security threat intelligence to identify and exploit vulnerabilities within our clients’ environments. A successful candidate will have experience in goal-based network/infrastructure penetration testing and post-exploit, and not only have experience in vulnerability/web scanning tools as penetration testing. Required area of focus: - Network penetration testing Additional desired areas of focus, one or more of the following: - Web application testing; Wireless penetration testing; Mobile application testing; Social engineering; Physical security; Red Teaming Role Responsibilities: - Conduct goal-based penetration testing and document findings for client remediation in the form of briefings and reports - Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate that TTP to assess vulnerability and risk - Perform proactive research to identify and understand new threats, vulnerabilities, and exploits - Document and present new testing techniques to internal and external teams - Manage testing engagements as the project lead, including coordinating multi-consultant engagement teams - Candidates must be located in Europe and willing to travel domestically and internationally up to 50%. We promote the use of a remote testing appliance to help reduce the amount of travel. Benefits: - Training: Generous, dedicated budget per person, which allows you to attend most training courses available on the market. - InfoSec community: SecureWorks’ employees and SecureWorks as a company want to be involved in the InfoSec community, and as such promote attendance to conferences. Just this year, our UK team attends Bsides London, Bsides Manchester, BlackHat/DefCon Las Vegas, 44CON and DerbyCon. Furthermore, financial incentives are in place to promote speaking to conferences or teaching classes. - WFH: This is a remote office position, so we want you to be comfortable. We provide a budget to get a decent chair, desk and any office supplies you require, along with two 24" monitors, keyboard, mouse and docking station (Dell equipment) to avoid bending over a small laptop screen. Requirements: - If you are reading this post, you are an OSCP holder and therefore likely have the technical skills we are looking for. You will join a global team of many OSCP holders (as it’s a job requirement to possess OSCP by the end of this year) to discuss your next attack vector. - 5+ years of total professional experience in information security or related field - 2+ years of experience performing or leading technical testing engagements/projects - Strong time management skills, self-directed, with the ability to meet verbal and written deadlines. - Strong technical communication skills, both written and verbal, with the ability to explain technical security concepts to executive stakeholders in business language. Certifications: - Required certifications must include one of the following: CHECK Team Member (CTM) or CHECK Team Lead (CTL); CREST Registered Tester (CRT) or Crest Certified Tester (CCT); TIGER Qualified Security Tester (QSTM); CREST Certified Simulated Attack Specialist (CCSAS); CREST Certified Simulated Attack Manager (CCSAM) - Required clearances: SC or DV with no restrictions - Desired certifications: OSCP; OSCE; GPEN; GWAPT; GXPN http://dell.referrals.selectminds.com/jobs/principal-consultant-penetration-testing-secureworks-90603?et=1U1rtRHJt
-
https://securityreactions.tumblr.com/
-
Done!? Cum?
-
Web Penetration Testing with Kali Linux - Second Edition
WarLord replied to QuoVadis's topic in Securitate web
I googled it and found it on several webpages. Here is one of them: http://uploaded.net/file/kwfpwc5s -
Apar cam multe firme din astea de training in ultima vreme; se vede ca s-a inmultit cunostinta in lumea asta. Acuma toti ar profita de pe training-urile astea. Daca duci o hartie de la firma aia, tu crezi ca HR-u stie de firma aia? Mai greu! Si eu lucrez in IT. L-au concediat pe colegul dupa anul trecut, si am ramas numai eu. Am 3 din 4 siteuri/locatii pentru IT support, pana la sfarsitul lunii inchid din motive economice o locatie. Cand ii nevoie ori sunt la o locatie ori la alta. Nu prea stau dupa program, dar weekendul asta am proiect: Vineri, Sambata, Duminica sunt la firma, daca trebuie si peste noapte. Daca mai apare ceva in cursul anului, si trebuie sa fiu aici in weekend, asta e, ca doar is pe salar, si asta da oportunitate angajatorului sa abuzeze si sa te tina daca ii nevoie peste 40 de ore. Cred ca ii vorba si de firma unde nimeresti. Colegul meu lucra serile la servici, eu plecam dupa ora inchiderii, si acuma isi cauta loc de munca. Ori traiesti pentru a munci, ori muncesti pentru a trai; ceva tot trebuie sa muncesti, asa ca orice muncesti, trebuie sa iubesti!
-
Pentru cei interesati, cititi carti, sau vreti sa va imbogatiti biblioteca digitala: https://doc.lagout.ovh/
-
Masterking.Kali.linux.Hack.It.or.Crack.It.2nd.Edition
WarLord replied to ICEBREAKER101010's topic in Tutoriale in engleza
Pai daca ii foame de bani, cum sa nu se bage. Ii antreneaza si sponsorizeaza companiile straine, si ei nu se multumesc cu 8 ore si bani de rahat, si creaza cursuri si carti. Udemy ii plin de ei. Macar se baga, desi multa informatie ii repetata, macar isi lasa amprenta pe ceva. Cand merg la interviuri pentru pentesting, si ii intreaba angajatorul despre realizarile lor, si isi arata proiectele lor, sunt angajati mai usor, decat unu' care nu a facut nimic. Asa ca aviz celor care nu au experienta in domeniu, dar vor totusi sa aiba ceva "la activ", bagati-va pe carti si cursuri. Lucrati la un curs in ceva, o singura data, si vindeti produsu' de 100+ ori. E cea mai buna metoda de a face bani, mai ales daca ai produs bun, si investitia nu e decat timpul si cunostintele/expertiza voastra. Spor la treaba. -
https://www.1and1.com/server-dedicated-tariff Am avut site-uri cu ei, dar nu servere dedicate. Nu am avut niciodata probleme cu site-urile sau emailurile si ii folosesc de vreo 7 ani.
-
Du-te tu pe udemy si spune-mi ce vrei, si iti spun daca il am sau nu.
-
Decryption key: !TSI7QEOaDqzx0rZdeYFGGkl_CijUPiE_2hrSntoeq0A https://mega.nz/#!6BRhQaRb
-
Revin cu uploadul la Advanced Ethical Hacking VTC.
-
Daca cautati ceva despre hacking, business, cold calling, cooking, electronics, how to..., microsoft, ccna, vmware 6, poate va pot ajuta eu. Nu va faceti prea mari sperante, dar puteti incerca oricum. Poate au facut si altii download.