Hey guys, Pat here. We're going to be doing a day in a life as a pentester/cybersecurity engineer, whatever you want to call us. We're going to go through a day with myself. First things first: brush the teeth and fix this hair. Let's go. Now it's time to do the hair. This is all I do, I work from home: put some gel, put some water, ta-da. Let's go downstairs and start the day.

All right guys, so this is a little tour of my office. Here it is, this is what all goes down behind the scenes. So let's turn on the monitors and get the day started. Turning on the monitors is the first thing, so I always go from left to right for some reason, I don't know, or from right to left. Turn on that bad boy, turn on this guy, and then the last one, let's turn on this guy over here. All right, so here we go, the day is about to start. So the monitors are on, we're ready to cook.

So I just want to give a little breakdown of what I do, and then we'll get into the fun stuff and showcasing a few tools that I've used over the years on my day-to-day journey as a pentester, as a security engineer. So the first thing I do, obviously, I come downstairs, I check my emails, right, see if there's anything urgent, any urgent alerts. If we have any urgent alerts then we can go ahead and address them. That's pretty much the first thing that I do, right? And then we want to let the security team, keep them informed there's any vulnerabilities, do any kind of, uh, you know, overview of critical exploits that we are going over in our current environment, or if we're doing a pentest for an organization.

Okay, so the next thing what I normally do is plan and research. What does this mean? As a pentester we want to review different kind of exploits out in the wild, right? So we review the scope of a pentest first, and then we can go and go into the wild and whatever, see if it is actually still legit. We can set it up in a lab prior to even exploiting an actual client, because we don't want to bring down a client, right? So this can be tested on applications,
networks, systems, APIs, wireless, whatever you name it, it's probably exploitable, right? So I'm just reading down my little list.

Then we want to do some information gathering, right? We want to gather the information about the target, such as IP addresses, domain names, publicly accessible information, when we do our OSINT, also known as open-source intelligence, which is pretty much a big key for doing penetration testing, right? So what kind of, uh, tools do we use, right? What do you use as a penetration tester? Normally my go-to is Kali Linux, that's my operating system, and then we can use Metasploit, we can use Nmap, Burp Suite, you know, the list goes on and on and on, depending on what kind of assessment that we want to do, right?

So what does my midday look like? When, you know, in the middle of the day, hey, what do we do? So when we're actually conducting a penetration test, what does that mean? We're doing an external, we're doing an internal, we're doing a web application engagement, right? All this is information that you need to know, whatever you need to know as a penetration tester and what you're pentesting, right? Like I said, the tools that we use, you know, I just gave you some. We can use a vulnerability scanner as well, like Nessus, Qualys, Rapid7, you know, the list goes on there as well. And what are we checking for? Obviously it all depends on what you want to test, what is the scope of the engagement, what we're testing. That's what, you know, what you want to actually target, right?

So then about lunchtime I take a break, you know, I get out of my computer, go eat something, and this is the beauty of working from home, right? I literally just get up off the seat, open that door back there and just go eat something in a few hours. And then after lunch normally I'll continue the, whatever, the exploitation, post-exploitation, whatever I'm doing for that specific penetration test, right? Depending on the findings of what we found during that pentest, you know, we'll spend more time exploiting complex
systems, networks, you know, such, you know, whatever we want to do, right? And then also what we want to do is discover any sensitive data, sensitive information from the client. We don't want to, you know, showcase that, we obviously want to obfuscate that, but that's for a whole another topic, right?

And then the last thing that we normally do is document everything, right? We write a report, my favorite, not. You know, you do your pentest report, you document your findings and all that stuff. Okay, and then that's not the last thing, that's the second to last thing. Now we have our document or our pentest ready to go, now we can go debrief this with the client, showcase what we found, what we were able to exploit, and all that fun jazzy jazz.

Okay, so my evenings. Me personally, I like to go to the gym after work, decompress, have my me time, and when I come home I normally watch NHL, or hockey, right? So normally if I'm doing self-development, that's what this is going to be more about. What I'll do is do some writeups on some, whatever, CTFs, review my daily work, whatever I did that day. I just have a, uh, list here, you know: professional development, like I said, spend some time learning new techniques, new tools, uh, what's trending in cyber security or offensive security, and, you know, attending webinars, you know, practicing different techniques, like I said.

And then before logging off I want to make sure all the data that we collected throughout the day is securely stored, right? If it's passwords, if it's data, just securely store that information so no one can access it, right? That's our job, right, security engineers. And make sure the internal team has this encrypted copy and make sure it's protected. That's pretty much it as a pentester, right? We'll get into the whole jazzy jazz of on my computer doing some hacking sacking, but this is just an overview of what we do on a daily basis.

What I want to talk about is some education, right, educating, or my education journey. I went to college, I did my
master's degree, and I have quite a few certifications under my belt. So is college necessary to get into penetration testing or, you know, cyber security? Absolutely not, but it was a journey that I took. Okay, my first job in cyber security was a penetration tester. I went from being a system administrator, a network administrator, cloud engineer, and then I transitioned to offensive security. I didn't do a SOC analyst, I was never a SOC analyst and did all that stuff, but I did security engineering and penetration testing and moved my way up the ladder.

Okay, so what was an inspiration along this way of getting into cyber security? Protecting data, protecting people, and helping, right, educating others so they don't get hacked, right? Because when you're actually hacking or doing penetration testing you're actually educating the client or an end user or whatever, right? So that's pretty much, you know, we went through my job duties, right, what do I do on a daily basis. Um, when I'm looking to do more, that's why I make YouTube videos, I teach courses, and I like to give back to the community, to inform them as, you know, the next generation of cybersecurity engineers, right? I don't go to an office, this is my office, my home office, so that's the beauty of working from home. And that's pretty much it for me, you know, yeah, that's pretty much my journey. So now what we'll do is jump on my computer and I'll showcase some tools. Shall we get on the computer now, finally, after all this jazzy jazz talking? All right, let's go.

Hey y'all, all right, so now we're on the desktop. Another day, another dollar. So what we're going to be doing is doing a, like, little scan of my small network, and this is pretty much the same thing I do in a client network when you're doing an internal, uh, attack vector or if you're doing an external. But in this case I want to showcase my, uh, I want to showcase my network. All right, so here we have a domain controller here, it's at 192.168.1 100.
250 and then we have a Windows 10 machine, it's at 220. Okay, so I have a little network, right? So here is my attack box. When you're on an internal assessment you may not know about those machines, but in this case we do.

All right, so what I want to do, I did a scan really quick, so I did this demo scan right here of my domain controller, right? This is after you do all your enumeration, you'll have all this information, but obviously to speed the process up this is what we did. So let's go ahead and cat out this demo, and I want to go over what this is, right? This is an Nmap scan. We have ports open, so in my assessment I'll take this for evidence or for my report, and we can see DNS is running, port 80 for Kerberoasting, 135, uh, 139, 389 for LDAP, so we know Active Directory's on this box, 445, we know there's some shares, and so on and so forth. So we can take this scan, and now what can we do, right?

So what I want to do now, if I'm on your network, we can run a tool called Responder. This is the first thing I normally do. So I'll run Responder on my, uh, on my interface. So let's come back up here. So -I is for the interface that I'm scanning on, and my interface is eth0, that's where my interface sits on that 192.168.1 100 network. Now what is this doing? This is listening for any incoming connections to my machine. So what am I trying to do? I'm trying to capture your hash file. If I capture your hash file I can take that hash offline and crack it, and that's what we'll do, we'll demonstrate that. So this is pretty much what you do on an internal assessment.

So I'm going to be over here willy-nilly. I'm Pat the user, not Pat the hacker, Pat the user. Okay, so where is my Kali box sitting at? I don't even know, so let's get that IP address. So let's do ip a, and my IP address is 213. So I want to copy this, hopefully I can paste it over here. So what I want to do, I want to just go to, I want to go to, uh, my file explorer just like a normal user. Maybe you go to, like, this computer, and maybe we're
just going to do, hopefully that works. Okay, so what I'm going to do is do whack whack, so this is pretty much like scanning a network share, right? So I'm going to go ahead and hit enter, and I'm just going to put my credentials, like F Castle, right? Okay, and then my password is password one, right? But I think I put it wrong, let me see, password one, let me make sure that's correct. Yep. And I want to go ahead and just hit okay. All right, it didn't do anything, right? So for a user, they're probably like, oh, my credentials didn't work or whatnot.

But as a hacker, let's come over here. We can see that there's, all right, don't worry about this, because I already compromised this box, so let's go ahead and hit cancel here. So what we have here, let me just do an ls, and we have this hashes, right? So let me cat hashes, and this is the hash that we need to crack, right? So now we compromised that hash, right? So what can we do now with that hash, right? We can go ahead and run something called John the Ripper and we can go ahead and crack that, so let me go ahead and do that now. I'm just reading my note to make sure we could do, actually, we're going to do hashcat. So let's do hashcat, and my mode is going to be 5600, because that's what we, uh, 5600 is the NTLM hash mode. So we can hit show, because I already cracked it, and if you see here, right here is password one.

All right, so now what can we do with that? Now what we can do is authenticate. We can try to get onto that machine and all that stuff. So that's pretty much it, you know, now we have credentials, now we can just go to town, do whatever we want to try to do. We can try to remote into it, we can try to authenticate to it, and you know what, just to showcase that, let's go ahead and authenticate to it, shall we? Let's go ahead and just use PsExec, and I think that is, is that my, so this is, uh, Marvel is my domain, F Castle is my user, the password is this, at the IP address. But let me make sure that's the IP address for this machine. Is it 220? Let me make
sure. Yes, it is 220. Okay, so now let me just hit enter, and here we go, now we are on this box. We can do an ipconfig, uh, hostname, hostname, and here you go, we're Punisher, so we're on that machine. So we can do a dir, we can see where we are. Obviously we have a lot of files and so on and so forth. Holy moly, let me try to kill that. Okay, you guys get the gist, so we're on that machine. So what can we do when we're on the machine? We can upload malware, we can upload, um, different kind of tools, right? And that's pretty much it. So this is pretty much the day-to-day in a life, or day-to-day activities, for a pentester. So hopefully it's been informative for you guys, and take care.

Jacob H here. Thank you for watching the video, I hope you really enjoyed it, and I'd also like to remind you, if you're truly serious about your career in information technology, then be sure to check out our IT engineer training programs at www. zero engineer.com