Tim's Computer Science Blog

Here is a quick presentation about VPN's

I recently put on a leadership workshop. There are multiple styles of and theories of leadership, but here are a few that i've found useful. The better part of this workshop though were the activities that followed it. You see training people to be leaders isn't as straight forward a task like training a manager might be, so rather than just lecturing all day the real goal was to have a series of activities that help develop leadership skill by doing them. It also helps that it's fun to do it this way! The slides have more than the video It's interesting that my post on Leadership Training seems to consistently get views vs this one on Leadership Development. I'm guessing it's because of the topic title & the fact that i've written a description. (So let's update this post and see what happens). Might as well add my Officer Management slides developed for the Network Security Team (Club at CSUMB) after this. All three of the presentations have rel...

Hi there. I've put together a presentation on password cracking with Hashcat. Fair warning I made a small mistake in one of the slides where I switched the labels for the dictionary and the file containing the password hashes. The video is pretty comprehensive and should be enough information to compete in the National Cyber League password category.

Here is a slide by slide guide on how to setup and create virtual machines, and even network them together. This is really useful to know about if you want to simulate setting up servers, networks, and various technologies and then test them. For those who are into cyber security you can safely practice your skills! You don't even need to spend money on a bunch of additional hardware!

Command Injection is a technique for gaining access, or getting a system to perform unauthorized actions. I've written up a tutorial/walk-through for a step by step lab on how to do this. It involves some setup with two virtual machines. Command Injection Walk Through Document HERE . Knowing a little bit about shells is also useful. Check out the blog post here for some resources on that. Some slides on setting up a virtual machine can be found here  if this topic is new to you. Here is a video that covers what command injection is and how it works. at about the 9:30 minute mark the talk is done and the walk through begins. Slides:

If I were to describe this simply it would be "A Primer on How to Con People: But made for the good guys" I made a prior video about some useful theories that are utilized by social engineers, but it was more tools in a toolbox than a framework that can be used. So I went ahead and put something basic together that if followed can be used to create your own social engineering plan. It comes from real world examples, and will hopefully allow others to recognize social engineering attacks. It is still pretty general and focuses on information gathering rather than executing the exploit steps, but those can still be seen in many of the example videos that are included. It's good enough info to get the general idea of how it works, how quick it is, and how few barriers there are against many social engineering exploits. You can follow along with the slides here .

Considering the current spread of COVID-19 and how everyone is spending more time online. I went ahead and made a series of tutorial videos for the Monterey County Free Library. Maybe someone out there will find these videos useful! They cover three resources on the http://www.emcfl.org/ website, though I think it would be wise to mention that these resources may be found in many libraries both public, and private. The tutorial videos include: Master File Premier (EBSCO) [video link 7:38] Learning Express Library (EBSCO)  [video link 4:19] ProQuest CultureGrams [video link 5:26] Click on the links to view the video directly. The first video covers a common database that is used by pretty much every library i've ever been in. Literally every public library, and university library uses it. It is hosted by EBSCO, and this particular service is called Master File Premier. "Master File Premier is a full text database containing magazines, reference books, images,  and primary sour...

Here is a short five minute video I made that talks about some of the design considerations for controller placement in Software Defined Networking. Software Defined Networking is a relatively new networking technology that separates the control plane from the data plane in networking equipment. In understandable langauge that's like separating the logic that decides where things go, from the hardware/software that pushes network traffic in the right direction. I'm showing mininet and open daylight here, which you can run in virtual box. Really interesting stuff, this is already replacing much of the exsisting technologies. (Just look for openflow support in the networking hardware to see if it supports software defined networking)

This video covers several useful theories and principles used in social engineering. Think of it as building blocks that can be used. Quite a bit of this comes from scholarly work in psychology. It contains brief overviews of specific topics, definitely look into it more for a better understanding. This video was produced for academic purposes for identifying Social Engineering practices. This is not an endorsement of any illegal activity.   I think the part from 8:22 on is the most informative since it comes from a research paper I found specifically about social engineering attacks. Covers: +Mere Exposure Effect (0:47) +Theory of Planned Behavior (4:04) +Modes of Communication Styles (meh) +Anatomy of Social Engineering Attacks (8:22) *Principles of Persuasion (Authority, Reciprocity, Conformity, Commitment, Scarcity) (9:04) *Frequency of Persuasion Principles used (16:23) *Number of steps used before compliance (17:51) *Occurrence of principles by ste...

I recently made a quick draft of useful Linux bash commands for a group getting introduced to capture the flag events.  This is what I consider the basics, and should be enough to get through most easy to medium level puzzles. Good luck and happy hacking. (At Some point I'll link a PDF, or add some links here) Useful Linux Commands! You may find this reference document useful: Document  (I've copied the contents below as well) Table of Contents: Intro Quick Command Descriptions Command Examples & Syntax Intro: This is a mixture of the shell (command line tool) and some common linux system programs. To use these commands you can either run Linux on your computer or use a virtual machine with Linux installed on it. The shell that we are using is called Bash (Bourne again SHell) For Windows: 1.       Cygwin (A bash shell for windows I highly recommend) 2.       WSL (Windows subsystem for linux) ...