This blog post will be about how I studied for and passed the AWS SAP-C01 exam in two months (with an 890/1000 in October 2020, with 750 needed to pass), and some tips and tricks along with some resources I used. Again, I signed up for an exam about two months in advance. Make sure […]
Tips and Tricks for passing the AWS Certified Solutions Architect (AWS-CSAA) 2020 Exam
This blog post will be about how I studied for and passed the AWS-CSAA with an 840/1000 (720 needed to pass) exam in two months, and some tips and tricks along with some resources I used. First thing I did was sign up for taking an exam, which was good because the exams were only […]
Pen Test Guide to Pentaho Business Analytics
This guide was written following a very confusing and multi-day ordeal to enumerate what was found in an instance of this software during a pen test. Hopefully this Pen Test Guide to Pentaho Business Analytics will help you if you run into it on your tests. The summary of what this software does, is allows […]
Online Privacy Tips from an Ethical Hacker
I recently had someone come to me with an issue regarding a potential stalker. They were concerned that this stalker was finding a bunch of info on them online, and even cold calling up their friends for info about them. I spent an hour with her and came up with 14 online privacy tips which […]
BSidesNoVA Advanced CTF Write-up
I am an active member of NoVA Hackers and one of the members asked if I would participate in the advanced CTF at BSidesNoVA, so I did! This is a simple write-up to describe the approach we took for this competition. See below for the event description: For the advanced players, Arash is returning with […]
Metasploit Community CTF 2020 Writeup
This competition started at noon on 1/30/20 and ran for 4 days until 2/3/2020. There were a total of 18 flags and a grand prize of $500 with a 1 year pro HTB subscription. My team of 4, which I pulled from a local meetup (Nova Hackers) and random people from the Metasploit CTF chat […]
How the CISSP changed my LinkedIn Views
Just for those who are curious about what kind of changes they should expect on their LinkedIn views and messages after getting the CISSP. This is a short blog post about how it impacted mine. Being in InfoSec, as long as you’ve got some experience under your belt, recruiters will definitely reach out to you, […]
Certified Information Systems Security Professional (CISSP) Certification
Passed the CISSP on my first attempt in mid-July, 2019, and finally getting around to writing about it now. Summary of exam: My exam was 100 questions, although it can go up to 150 based on how you are doing on the exam. It's kind of variable so I think if it knows you are […]
Jump the Great Firewall of China by hosting your own free VPN
Travelling to China anytime soon and need to access Facebook, Gmail, Instagram, etc? Or just want to stay safe while at Starbucks? You’re in luck. Here’s a proven way to do it. (tested Sept 2019 from China). I had an old MacBook Air lying around, so a lot of this guide will be written in […]
Hackthebox – Ypuffy Writeup
This is a write-up for the Ypuffy machine on hackthebox.eu which was retired on 2/9/19! Step 1: Enumeration Like usual, let’s start with a quick nmap to see what ports are open: nmap -sC -sV -oA nmap1.txt -Pn 10.10.10.107 First we attempt to browse to port 80 like usual, but we get a “the connection […]