What I’ve learned during my Rookie Year in Cyber Security

My Starting Point

One year ago I finally decided to make a dream come true for myself and to get into the field of cyber security. At this point, I was 36, happily married, father of two kids and had a good job working as a product owner for a large German-based e-commerce company.

I already had some practical experience with hacking tools like nmap, John the Ripper and the like, and also had a solid foundation in IT concepts like networks, system architecture, programming languages, APIs and so on from former jobs.

But ever since I wrote my first lines of code in QBasic and Turbo Pascal, I always wanted to become something like a “Hacker”. So, because I already knew that I was unhappy with my job at this point and that it was time for a change, I decided to give my old dream a chance to come true.


Analyzing Honeypot Data after 2 Weeks

Two weeks ago I started a little experiment and set up the T-Pot honeypot collection on an AWS EC2 instance. This article describes what I’ve learned from analysing the collected data.


Setting up T-Pot in AWS Cloud (2020)

What is T-Pot?

T-Pot is a collection of dockerized versions of 18 honeypots (in T-Pot version 20.06) in combination with some powerful tools like the ELK stack for beautiful visualisation of all events captured by T-Pot.

Why is it of interest?

T-Pot is an easy way to collect all kinds of information about ongoing cybersecurity threats without the hassle of setting up a large number of different systems on your own. The honeypots will pretend to be vulnerable servers and, by doing so, invite automated attacks as well as manual hacking attempts.

Digital Society

Data Protection Breach at HelloFresh

According to its share price, the Berlin-based meal-kit delivery company HelloFresh is currently worth more than Lufthansa thanks to the coronavirus crisis. While the number of new customers is growing, however, criticism from existing customers online is increasing.


Ultimate OSCP Write-Up Collection

There are dozens of OSCP write-ups and guides out there, which are really helpful as preparation for passing the OSCP exam.

This is a collection of my favourites:

  1. Passing OSCP
  2. 59 Hosts to Glory
  3. The total OSCP Guide
  4. OSCP Developing a Methodology
  5. Tips for success in PWK (OSCP)
  6. My OSCP Journey by InfoSecurityGeek
  7. How to prepare for PWK/OSCP (by Abatchy)
  8. OSCP Journey to OSCP – 10 Things You Need to Know
  9. A Detailed Guide on OSCP Preparation – From Newbie to OSCP

The Linux Privilege Escalation course by Tib3rius is also very helpful in acquiring knowledge about the post-exploitation phase and is worth every penny.

What are your favourite write-ups or preparation materials for the Offensive Security Certification?