My new love: Ethical Hacking : Post#1

 

New love: Ethical Hacking

Hope the post title don’t annoy my wife :p . It shouldn’t I guess, as long as the love is for learning something very good.

The Start:

We all face dilemmas in a day to day life. Sometimes in personal life, sometimes in professional. In the later category, I was facing one from last many months. And worst part being in dilemma is sometimes you either end up doing nothing or you do both the things. What happens then is you end of thinking about two things and end up working on two as well. This delays your achievement, this reduces or rather diverts your focus frequently. Being someone who always ends up getting a lot of new ideas on daily basis regarding new things to learn, try and implement it sometimes becomes very tough to select one and finish it completely.

The dilemma I am talking about was with respect to the choice of new skillset to learn to advance professionally and to make the days count even better. It was between two things which are booming nowadays and probably they are here to stay- Automation and Ethical Hacking/Security Testing. I worked on both of these and have basic or intermediate knowledge of both. Or you can say I am logically clear on both. But to implement the ideas, solve the problems or make your logic work, you also need to have in depth of technical knowledge of the task at hand, you should know how to. And putting my efforts on both things was delaying my expertise on either.

The choice was finally made as I understood my natural inclination towards the unknown. I am curious by birth, like to explore. So Ethical Hacking was definitely my thing. It’s like an endless road, you can go on and on and on. I have just started on it and will try to share my experience here as I progress. Let’s see how it goes.

The pre-requisite:

It is not necessary to be from software and networking background to learn Ethical Hacking I think but it will definitely help. At least it helps me when I read stories of other hackers or incidents and can understand at least 70-80% of those technically. Again the area to test is so vast that even your preparations or pre-requisites differ according to your target. If you are going to test mobile devices, you will have to gain knowledge around that, if you are going to test web applications your preparations shall differ and so on. I will surely update about what exactly to do and from where to start once I reach some level.

If you ask me, I collected basic knowledge around networking, protocols like HTTP and https, Linux, HTML, javascript over years at my Job. That shall help I guess. Apart from that, I follow a lot of hackers on Twitter. Their stories, tweets, and interview are of great information. Reading their experience feels like watching a sci-fi/mystery movie. I love it. And yes, I am also reading The Web Application Hacker’s Handbook as my first book purely into Security Testing.

And yes, one more important thing. Did I mention that you should be having a Mentor? It is always necessary and helps a lot with anything in life. I am not saying you should have one for everything, but there should be someone whom you look up to when you do some good work in some field. It is applicable to life in general as well. I am lucky to have few. And here guess with whose help and guidance I am learning to hack? Santhosh Tuppad. If you don’t know him already(which is rare if you are into the testing world), you should read his bio and know about his work.

Read more

How about a ChatBot?

I often feel empty when I find myself not doing anything ‘new’. Well when I say new, it doesn’t always mean it should be brand new to entire world, but rather to myself.

Idea is not only to keep myself engaged and satisfied but also to tell that I am doing something new and there is still a lot to do. Lots and lots of my learning or initiatives are output of this same feeling or situation I put myself into.

On same line, AI and in particular Chat Bot idea was ruling my mind for quite some time, similar to what it is doing to most of the tech world. I got inspiration from few chat bots, few blogs on medium and that was enough. I tried many platforms which are readily available like Botsify, cloning github repositories, Smooch, Howdy, Chatfuel, etc. I crossed out option of cloning github repo to keep it somewhat original and few others for lack of usability and configurability. Chatfuel was the final choice.

Considered multiple mediums like telegram, facebook messenger, sms, etc. and finally settled for Facebook messenger considering its reach.

After multiple attempts with different available resources, here is the final draft(will keep on enhancing it). Please give it a try and share your feedback. This chatbot is my personal assistant bot and it talks about me on both personal and professional front.

iconChat with Bot

How to: Jenkins Auto Deploy & Slack-Jenkins integration

SlackBot-featured1
Automated deployment via Jenkins

If you are someone who is supposed to manage deployment on multiple environments or on clustered environment, you know how painful or time-consuming it can be manually. This post will enable you to automate deployment across multiple environments, from Jenkins branch of your choice.

Well there are few prerequisites before we start, read below:

  1. You have your shell script(s) ready on servers you are looking to deploy build
  2. ssh from your Jenkins server to target servers is enabled
  3. You will need a project in Jenkins which you can configure as Auto-Deployment project. Preferably copy of your existing project which you are currently using for so that you get most of the config copied
  4. Publish over SSH, Build Authorization Token Root Plugin, Slack Plugin plugins are installed in Jenkins(explained in Step- 2)

Step- 1

Create standard structure on each target server, e.g. /home/Autobuild or /u01/mydummyproject/Autobuild

Within Autobuild folder, keep your deployment script which Jenkins will be calling and also create one more directory within Autobuild folder named as build

Read more