Jeffrey Bencteux
Author Image

Rubrique-à-brac

© 2019 - 2024 Jeffrey Bencteux
Built with Hugo ❤️ hyde-hyde.
ElearnSecurity Certified Incident Responder (eCIR) review Aug 08, 2021 Context After a real good experience with ElearnSecurity content, I decided to enroll for the eLearnSecurity Certified Incident Responder (eCIR) certification course. To be honest, I previously had experience with incident response and the following lines are to be taken with this in mind, especially if you never have done some before. Course As usual for ElearnSecurity, the course material consist in both slide presentations, videos and practical labs. My overall impression on the course is that it is good, but not complete. ...
ElearnSecurity Web application Penetration Tester (eWPT) review Jun 20, 2021 Context I passed eLearnSecurity eJPT’s certification a couple of months ago and decided to take some more certifications from this company, in accordance with that, my employer paid me a yearly subscription to their learning plateform INE. Cost is $750 a year, plus $400 for most (any?) certification exams. But there is a reduction on the first one you take with the yearly subscription so I ended up paying only 200 dollars for this one. ...
Elearnsecurity Junior Penetration Tester (eJPT) review Mar 31, 2021 Context A few months ago, I decided to change job to focus more on pentesting and offensive activities while I never done it before. I thus decided to obtain at least one certification in that domain to put on my CV. After going through the jungle of certification’s business and organisations I found eLearnSecurity eJPT to fit my requirements which were: practical knowledge course and exam, recognized on the market and cheap. ...
Bypassing Chrome's URL restrictions Mar 07, 2021 Context Studying about Content Security Policy (CSP) features, I came across a nice bypass of Chrome’s URL restrictions that the browser implements to prevent leak of HTML data. However, Chrome dropped the feature on which with the bypass rely on in its 89 version released stable a few days ago so it is no longer possible to trigger. The idea of Chrome developpers was to prevent exfiltration of HTML content done after triggering injections vulnerabilities through restrictions on what characters can be present in an URL. ...
Finding an infosec job in Italy Feb 14, 2021 Italy is not known for information security and finding a job in this area, or any other really, in this country is not as easy as it seems. It as now been a year I am in Milan and I would like to share what would have been useful for me before I arrived. The following is a mix of facts and opinions, so do not take it too straightforward and adapt it to your particular case. ...
MacOS forensic I Nov 22, 2020 Forensic, MacOS & Volatility I recently came to investigate on a MacOS memory dump and raw disk. In this serie of posts there are some commands, guidelines and tricks I could not find while doing it with volatility on the memory dump. Next, I will probably dump someone’s mac (as I do not possess one) to see if I can get my hands on a more recent version of the OS. ...