/cyb/ + /sec/: Cyberpunk and Cybersecurity General:

/Cyb/er/sec/urity general is for the discussion of anything and everything related to cyberpunk and cybersecurity.

What is cyberpunk?
>pastebin.com/jS37Vu7A

Nothing to hide? - The importance of a cyberpunk mindset applied to a cybersecurity skillset.
>youtu.be/pcSlowAhvUk

Resources:
Cyberpunk:
Cyberpunk directory:
>pastebin.com/9JaJFqB2
Cyberpunk resources:
>pastebin.com/7DWCsAc8

Cybersecurity:
Cybersecurity essentials:
>pastebin.com/JWx5xeEM
Cybersecurity resources:
>pastebin.com/NaUPUDF0

Harden your OS, reroute your DNS and fire up the VPN!
Shit just got real: - Looking for more resources, help is welcomed.
>pastebin.com/JXyM4fTe

The Old Skool: - Looking for more resources, help is welcomed.
>0ld 5k00l h4ck3rz: 67.225.133.110/~gbpprorg/#40

IRC:
Join: irc://irc.rizon.net:6697
>#Sup Forumspunk - Requires SSL
>#Sup Forumssec - Requires SSL
IRC guide:
>pastebin.com/bh3Uyq3a

Thread archive:
>archive.rebeccablacktech.com/g/search/subject/cyb/
>archive.rebeccablacktech.com/g/search/subject/sec/
>archive.rebeccablacktech.com/g/search/text//cyb/ /sec//

Thread backup:
>cyberpunked.org/

Previous thread:
Suggestions for new resources are welcome.
The Gentoomen /sec/ community is looking for CTF team members, contact them at the IRC channel.

OP message:
Sorry about that, I got caught up in some real life drama so the updated pasta is a thread belayed.
I'll be posting it once this one has died.
You guys move so quickly.

Other urls found in this thread:

ikkoku.com/mi/html/guide.html
github.com/secfigo/Awesome-Fuzzing/blob/master/README.md
goodreads.com/book/show/12746081-a-bug-hunter-s-diary)
goodreads.com/book/show/26535525-the-antivirus-hacker-s-handbook)
goodreads.com/book/show/609606.Fuzzing)
goodreads.com/book/show/1069724.Secure_Coding_in_C_and_C_)
goodreads.com/book/show/6420240-the-rootkit-arsenal)
goodreads.com/book/show/349418.The_Art_of_Software_Security_Assessment)
twitter.com/SFWRedditGifs

1st for OP I will suck you. No homo.

>Clearly as Islam related incidents happens, the climate around encryption, privacy and anonymousity...is growing tense. Although there has been a month or two without incident, GB is going away from net privacy and stuff, for instance.

>Europe today can be pretty dystopic. Media is too influential, politicians often weak, uninformed and planning only personal success and the financial system is in a meltdown.

Jeez, sounds eerily like over here. The world is going to shit, anons, and we're the only ones who realize it. It's kind of starting to sound like 1984, where the propaganda is that the other countries are doing shitty, and only ours is prevailing--except it's the opposite.

"The other countries are fine, we should be more like them!" cry the headlines, meanwhile the global economy is tanking, and eventually only the strong will survive. We're being led into a technological evolution, anons. Survival of the fittest. And holy shit if it didn't come at the worst time imaginable....

Yes, close. Darwin so a straight line and like 3000kms separates me and Adelaide

Well I liked the varied responses in the last thread, so I'm gonna ask it again.

I want everyone who enters this thread to tell me what they are studying, and if possible, share some study material with us.

>close
That's like saying that because I live in Detroit, Michigan, I'm close to Dallas, Texas. I guess I'm glad I got the timezone right though. Never been to Oz, but I have some friends from Adelaide and Perth, so I'm at least familiar with the timezones.

I keep falling behind on the pasta updates though.
You guys just provide so much content, so quickly.

Currently working on how I'd code Hunt the Wumpus in GoLang. I don't have any PoC, nor any learning materials yet, but that is my next project, provided I can keep on track.

>You guys just provide so much content, so quickly.
B-but that's a good problem to have, right OP?

Lul well i live in a pretty remote town so to experience anything of value, like gigs etc, I need to fucking fly. And honesty, that's typical for most of the country. It's fucking vast and empty

Before going into crypto-currencies I didn't care much about security

But now a lot of money is at stake and... a hardware wallet isn't an option yet cause the currencies I hold don't support it

What is a better solution than 2fa Google Authenticator on phone?

Is Yubikey good or just a meme?

You need to vet some of the content. There's a lot im seeing that's irrelevant for anything other than historical and archival purposes

Same, dude. Living in a small town sucks. Closest town that gets anything even remotely interesting is 2 hours away by car, but most things are about a 5 hour drive.

And I live in a valley that doesn't get any humidity, so it looks like I live in the desert...

I fucking hate my town...

Yes, user, it is a good problem.
>*pat*

Exactly, that's the issue.
Because I have to think critically, yet have a several thread long backlist, it takes time.

>Closest town that gets anything even remotely interesting is 2 hours away by car, but most things are about a 5 hour drive.
I wish I had this problem.

It's a 5 hour airplane to the closest capital city that gets festivals and gigs.

A three and a half hour drive from my home gets you to the next town.

I mean, to be fair, 75% of Australia is uninhabitable desert and the other 25% is just spiders. Really, who would want to have towns every few hundred kilometers in a place like that?

I think that too, but today every one will tell you "hurrr user u liv in a movie" so you end up just trying to care for yourself only.

Related to lastest posts, that's why I will be moving into center next year, although I'm not into social life, I think is nice living around it.

I'll hunt around and find it; the image was posted a few threads ago, but we aren't going towards 1984 at all.

We're moving towards Brave New World. I'm not sure which is more terrifying; huxleys or orwells world.

Well that actually only took me three seconds to find, strange I havent seen it before very recently if its so popular on the web.

>I want everyone who enters this thread to tell me what they are studying
I graduated a few years ago. I don't think everyone here is a student. A quick strawpoll might be interesting, I have done a few in other threads. It appeared quite a few are PhD students which was a surprise to me.

Paper wallets with the private keys generated on a live OS offline. That's what I do for Monero. Write down the seed, don't use a printer.

I havent been a student for almost half a decade either, that doesnt mean Im not studying.

I always though that, the 1st time I saw that image a few years ago, actually. And although that's right at 90%, I think there's a 10% fron 1984

I'd say it's a mixture.
Mostly Huxleyan, but if you reject the pleasure, then they'll apply Orwellian control.

frogfag here, where I live it seems that people are still a bit misinformed about tech and they don't really care about what happens to their data. I don't know if they're overly optimistic but so far the pros outweigh the cons for everyone I know.

Politically the government is in a state of emergency until november 2017, the police can conduct searches more easily and keep people longer in custody when they're suspected of terrorism.
The government is thinking about taking permanent counter-terrorism dispositions once the state of emergency is over, it might become quite dystopic in the future considering how loosely terrorism is defined and how that could be abused

Hello, Birchip friend.

Are they /ourguy/?

How long does it usually take after sending deauth packets in aireplay for the wpa handshake to be sniffed by airodump?

Its been two minutes and I havent seen anything change; should it have happened by now? Do I do it again and increase the number of deauth packets?

Or do I need to wait longer for it to be captured?

>plebit
>/ourguy/

worst bait desu

Cyberpunk has nothing to do with cybersecurity.

I missed you.

Anyone on Retroshare? Not just for filesharing but for communication.

My ID:
(fuck this board, it thinks its spam wtf???)

well Sup Forums is more reasonable:
Thats where I posted my ID.

Me too user

They certainly intermingle. I think a lot of what you might call "cyberpunks" have white collar jobs

hello mountain jew

*handrubbing intensifies*

lets see if at least the link to the RS forum works:
retroshare://forum?name=Test_Thread%20%28post%20whatever%20you%20want%29&id=5a579555c84a96bc433cc26d7e50541f&msgid=9d58be82ce60190ba4d5d5872ed085aa9ebc296d

Cyberpunk is cybersecurity for people who have no drive to learn about the field, they’re pretenders. I’ve personally seen the post quality decrease drastically since the merger, but the thread also doesn’t 404 every few hours like it used to. I wish they hadn’t combined them, but at this point it’s too late to change.

Ah I see what you're saying. It would be nice to have a /sec/ general for a more professional tone to the discussion.

Is there anything like IPFS that has longevity? Is it the best contender for next gen distributed internet?

IPFS is pretty much as long-lived as it comes.
As long as you know the hash and at least one node (client or server) has the file, it wont dissapear

what are your personal opinions on email providers? which do you use and why? which one do you consider to be the best/most secure?

The security should be done by you using PGP and enigmail. Anything your provider does is at best assistance.

Minimum should be however: Transport security using STARTLS.
Always use a web client, not webmail.

>Cyberpunk is cybersecurity for people who have no drive to learn about the field, they’re pretenders.
Poor bait.

>TFW executed my first subdomain takeover yesterday


It was trivial but a lot of fun.

>>TFW executed my first subdomain takeover yesterday
Nice one.
Also wallpaper plox.

I suppose the issue then becomes storage.

I mean, if everyone was using puretext a modern server would never run out of space. Think that a decade of Usenet at its height got to "just" 2GB.

Speaking of text, and the source of this image, I love the work that went into these Maison Ikkoku guides:
ikkoku.com/mi/html/guide.html

It's true, though.

What does everyone do in their free time? I feel like I'm always learn learn learn read read read with netsec stuff and find I don't spent a ton of time applying it outside of work

I work as a freelance cryptography consultant, so during my free time I do anything but Netsec stuff

In my free time I'm retarded. I've never had the habit of study and now I can't really get it since 90% of stuff I would like to be into it requires practice.

As job I'm remote assistant and shit. You know, with tickets and stuff.

yes wallpaper please

tickets and stuff i feel 2 real

I'm a SOC monkey so I feel like I have to go home to actually do netsec haha
sounds like a cool gig though

its ok. Pay is nice when I have work.
WHEN.

So you're hopping contract to contract?

You know, like remote IT but seems like you can write it as that in the resume. Easy job easy pay, I don't aspire to any more.

yeah. Of course most contracts usually last a while and there is repeat business and new clients through word of mouth, so I guess I must be doing something right.
Nonetheless its not rare to be weeks or rarely months without anything to do.

exploit development and already shared my stuff here

I'm also big into exploit development and vulnerability research, I recently stumbled onto this giant list of Fuzzing resources if you're interested:
>github.com/secfigo/Awesome-Fuzzing/blob/master/README.md

Hope it helps any other exploit dev anons out there, I'm really enjoying the journey towards actually being competent in this stuff after looking at others doing this work enviously.

cheers, user. what books are you currently reading?

I'm literally learning how to program.

>desu
kill yourself.

I'm reading a bunch of books at the moment in an effort to find my footing in this field, usually I'll read a few chapters from them every week. Here's a short list:
>A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security (goodreads.com/book/show/12746081-a-bug-hunter-s-diary)
>The Antivirus Hacker's Handbook (goodreads.com/book/show/26535525-the-antivirus-hacker-s-handbook)
>Fuzzing: Brute Force Vulnerability Discovery (goodreads.com/book/show/609606.Fuzzing)
>Secure Coding in C and C++ (goodreads.com/book/show/1069724.Secure_Coding_in_C_and_C_)
>The Rootkit Arsenal - Escape and Evasion in the Dark Corners of the System (goodreads.com/book/show/6420240-the-rootkit-arsenal)
>The Art of Software Security Assessment - Identifying and Preventing Software Vulnerabilities (goodreads.com/book/show/349418.The_Art_of_Software_Security_Assessment)

There's so much to learn and know, it can get kind of overwhelming but I think it'll be worth it in the end to be good at this work.

I just finished A Bug Hunter's Diary. What do you think about The Art of Software Security Assessment? I started reading it but didn't see much code which to me is kind of a no-no.

Also, the ones I'm currently reading are:

>Hacking: The Art of Exploitation (halfway through)
>A Bug Hunter's Diary (just finished)
>Shellcoder's Handbook (started yesterday)
>Practical Reverse Engineering (haven't started yet, but will later today)

Secure Coding in C and C++ seems like a good read. I might take a look at it later today as well.

Also Silence on the wire which I saw a few anons talking about in a few threads ago.

I'm currently reading Chapter 4 - Application Review Process because I'm trying to learn how other people go about finding software flaws, so far it seems to do a thorough job of detailing a good process to follow. I mainly picked it up because it was recommended to me as a comprehensive source of vulnerability discovery methods/techniques. I don't know if I'll try to read the entire book, it's pretty massive haha.

I'm hoping to eventually settle into a formal routine for finding vulnerabilities and developing exploits, but at this stage it feels like my process mostly consists of flailing around in various fuzzing frameworks/tools then trying to make sense of crash logs.

>kill yourself
kys

And yeah, Secure Coding in C and C++ is one of the books I singled out for learning how to know when I'm looking at vulnerable code. Hope it can help out in that area for you as well.