Network Penetration Testing:
> Experience:
I've spent many hours on Hack The Box, focusing primarily on network penetration testing and database exploitation using programs like Silverbullet and other similar tools.
I started doing PicoCTF's at age 13 and since then I have spent many hours going through previous HackTheBox CTF's as well as spending time using other learning resources.
Recently, I discovered a CSRF (Cross-Site Request Forgery) vulnerability in a web application, which I promptly reported to the person running it.
> Programming Skills:
> Python:
I'm comfortable using Python and have used it in many of my projects, including making crypters and obfuscating executable files. Additionally, I frequently use Python for tasks such as properly formatting and cleaning up databases.
> C++:
I initially began learning C++, but my focus shifted towards network penetration testing, which led me to prioritize networking skills over further C++ development.
> Networking & Security:
> Generalized Knowledge:
Although I'm focused on network penetration testing, I want to continue to expand my knowledge and skills, especially with tools like Wireshark, Metasploit, Nmap, Aircrack, and Airodump. I prefer to maintain a generalized skillset but am considering specializing in certain areas, such as cloud security and network security.
> Experience with Security Tools:
Metasploit: I use it extensively for exploitation in penetration testing engagements.
Wireshark: For network sniffing and packet analysis.
Nmap: A tool I feel confident with, as I know various commands and have used it in a variety of network assessments.
SQLMap: I use it for automating SQL injection attacks and testing databases.
Aircrack & Hydra: I've utilized these tools for hash cracking and WiFi security testing.
Pwnagotchi: I've used this tool to capture WPA/WPA2 handshakes to later be cracked with HashCat.
> Operating Systems & Environments:
I primarily use Kali Linux for cybersecurity tasks due to its robust penetration testing tools and versatility. However, I'm also comfortable with Windows, Mac and most Linux distros, providing me with flexibility to work across various systems and environments.