Tech Help

Primer:      I want to make a tutorial that I could show my kid to help them understand hacking, methodology, basics, etc... so this is an introduction post, more will follow, and maybe I can add a video series to go along with this.     The first thing to talk about, is what and why. Technology, while ever changing, can will always fall victim to several problems.  First is the idea that use case when created, won't match use case performed. Such as, when creating a remote for a TV, it may use infrared to point to the TV, and that works fine when one TV is in the same room at a time. When more then this is added, conflicts are caused and the light used for remote is picked up by the infrared sensor on multiple TVs. Change channels on one, both go. Second is that nothing created by man, is or is capable of creating, flawlessness. Business profits drive innovation, but not perfectionism (or the attempt to become close to perfect).     With these is...

LET US KNOW! Don't be afraid to let us know if you have any suggestions for blog posts or want any advice to show up on here.  Thanks for reading If you need any IT or CyberSecurity work remotely or within the DFW area, please contact us over at  FeemcoTechnologies .

Empowerment and enablement  I find and hear far too many places, from small business to large enterprises, not really giving their teams the empowerment or capabilities to properly make their pay turn profit for the companies. IT administrators, technicians, and support staff not enabled to create safe or secure lab environments to test configurations. Admins not allowed to automate, orchestrate, or mechanize anything from regular tasks needed for their job, to health checks across the network. But my biggest concern is the emphasis on the world of cyber security, yet only using them for check boxes and never enabling your security teams. Some generic examples of this issue: Company 1: In this company, there exists a small security team containing 3 analysts, 1 engineer, and 1 ciso. This team was hired on the idea that we don't have much, but we need large return on investment. As security is one of the largest ROE you can have in a modern landscape, it makes sense. Now give these ...

What is amass? I'm a big fanboy of many of the owasp tools, like zaproxy, but in this case lets talk a little bit about amass.  Like many other tools, it's good for searching for subdomains and subdomain bruteforcing, but it does so much more than that. In this example, simply asking amass to enumerate the domain feemcotech.solutions (amass enum -d feemcotech.solutions) we get more than just subdomains, we get various records and information available about the resolutions and ips related as well. feemcotech.solutions (FQDN) --> mx_record --> mx00.ionos.com (FQDN) feemcotech.solutions (FQDN) --> mx_record --> mx01.ionos.com (FQDN) blog.feemcotech.solutions (FQDN) --> a_record --> 74.208.236.20 (IPAddress) blog.feemcotech.solutions (FQDN) --> aaaa_record --> 2607:f1c0:100f:f000::200 (IPAddress) 74.208.0.0/16 (Netblock) --> contains --> 74.208.236.20 (IPAddress) 8560 (ASN) --> managed_by --> ONEANDONE-AS Braue...