Joe Sullivan

@[email protected]
18 Followers
28 Following
15 Posts
Security consultant @trustedsec, Corvettes, hiking, and outdoor adventures. Creator and content producer www.secflux.com
Joe SullivanNov 16, 2024
Started work on a new tool in anticipation of the usual new year slow down. I got some of the basic functionality working. This will be geared towards storing tool results in an SQLite DB for reference and screenshots. My use case is for external penetration tests at the moment.
Joe SullivanNov 9, 2024
Current project #hacktheplanet
Joe SullivanOct 29, 2024

A good way to demonstrate why plaintext creds are bad. In this case Telnet.

I set up an MITM system to capture traffic: tcpdump -X -s0 port 23 -vv -w telnet.pcap

Logged in over telnet as usual from another system.

Extracted telnet creds from telnet.pcap and they presented in a format perfect for report screenshots:
tshark -r telnet.pcap -Y "telnet.data" -T fields -e telnet.data

Joe SullivanNov 30, 2023
Every damn day! 🤘🏻
Joe SullivanSep 14, 2023

I wrote a blog post back in 2020 that's similar to what's happening to MGM right now. Specifically, I covered how to build a security program post-breach. If I were in charge of security at a casino right now, I would be taking a hard look at the threat model, risk assessments, defenses, and incident response.

I would also be thinking about what I covered in this blog post and the activities it takes to start moving in this direction.

#CasinoSecurity #CyberSecurity #Infosec #Ransomware #Breach #CISO #CIO #ThreatModel #SecurityLeadership #incidentresponse #informationsecurity

https://www.sans.org/blog/building-an-information-security-program-post-breach-part-i/

Building an Information Security Program Post-Breach | Joe Sullivan | SANS Institute

How to build an information security program after a breach using methodology from MGT514: Security Strategy, Policy, and Leadership.

Joe SullivanAug 19, 2023
Cathy: We are going to this new place for dinner.
Me: What’s the dress code?
Cathy: Smart Casual
Me: I got this
Joe SullivanAug 9, 2023
Come see us at the TrustedSec suite at Mandalay Bay to discuss web app security and other #infosec topics. There’s a lot of amazing talent in this room.
Joe SullivanJul 15, 2023
Who needs book ends when you can use a sword
Joe SullivanJul 10, 2023
Mobile workstation is complete. This sits in the folded down second row and can be used from the third row. Also sits nicely in the rear of the SUV and easily accessible when the hatch is raised.