"Admin / Admin." Two words you never want to find hardcoded in production firmware. 😱
SRT researcher @daemon_user gives a full technical write-up on how a simple directory listing can lead to the keys to the kingdom: https://t.co/9GxFZVMasR
🔓 Boot files weren't supposed to talk. But they did.
RSA keys. /etc/passwd. Admin/Admin in production firmware.
No CVE. No exploit. Just a misconfigured web server.
My latest writeup on Synack Exploits Explained 👇
🔗 https://t.co/0To7iIIRRF
here are the top 9 things i’ve learned in my first 6 months working as a senior cybersecurity consultant for @CrowdStrike:
1. github is terrifying. parse your own repos for hard coded creds, thank me later
2. great companies still exist, crowdstrike is one of them
3. the hallmark of a great manager is someone who listens to understand, and teams up with you to work to solve the problem you face. not someone who works against you
4. consulting doesn’t have to drain you. a mature, well-run consulting firm provides you the necessary resources (including sufficient staffing) to commit 110% to each of your clients without overworking yourself
5. identity-based attacks are what keep most security practitioners awake at night nowadays
6. i am under-skilled in networking and AD, but that’s ok because i have colleagues who are geniuses in these areas and a solid consulting firm balances out talents/skills. my talents/skills are just as valuable. comparing yourself to everyone around you achieves nothing positive
7. having a job that you genuinely enjoy, working for people and a company that treat you with kindness and respect does wonders for your mental health. i didn’t realize how poor my mental health was due to struggles at my previous job
8. the best consultants are the ones who genuinely care and want to provide actionable, realistic solutions
9. the color changing, dancing dino emoji in slack is elite. you can’t change my mind
IMPORTANT DEVELOPMENT... 'CHUP' ₹ 100 TICKET FROM MON - THU... #Chup tickets at ₹ 100 from 26 to 29 Sept 2022 [#Navratri]... OFFICIAL ANNOUNCEMENT...
Note: *T&C apply. Offer applicable in select cities.
https://t.co/roVejkue9X
@SEHAHealth Not able to register through the app using EID and mobile number, getting error "data entered doesn't match the medical record". Please advise
Had worst experience with #kfcuae #kfc chicken was not fresh, fries seems to be weeks old, no ketchup, no spoons, no plates. We had to throw half of the food. It's very hard to waste food. But out of options. No one eats this food @kfc
The structure of my videos will be to first exploit the vulnerability manually and then script it. Here's a sample video of me scripting an SQLi exploit. Since the scripting portion takes up most of the video time, I'd like to know if that's something that you would find useful?
Sad to see this is not clear for people in 2021 (CISO & co) but:
Vuln. Assessment != AppSec
AppSec != Pentest
Pentest != RedTeaming
Redteaming != internal pentest (AD)
Adversary simulation != Adversary emulation that != Purple Teaming.
Each approach is complementary, thank you😤
@SecurityTube @nikhil_mitt Also, special mention to the Red Team Lab support team for their continuous support during this CRTE journey, you guys have been awesome!!
@SecurityTube @nikhil_mitt Thanks to @nikhil_mitt for designing such an amazing Active Directory lab environment. It has been a great learning experience about Active Directory, PowerShell, manual MS SQL exploits, etc. The lab and exam were both challenging and fun to solve with a bit of research.
Shout out to the great initiative started by YashpalSinh Sisodiya - a non-profit organization to help Cyber crime victims.
We as a CyberNGO would like to help Cybercrime victims, spread awareness to avoid users being victimized i…https://t.co/l5b6zhQew1 https://t.co/oibsj48jQO
⭕ *68,000 crore* of loan waiver given to big corporates
⭕ *20,000 crore* being spent for central vista project
Dear Government of India, show your priority. Ensure free transport to workers.
#NoFareForWorkers
The single best way to overcome Covid-19 anxiety is to engage yourself in charitable work. Spending an hour or two every day doing something for others takes you completely out of your egocentric viewpoint. There's so much remote work that needs to be done.