My Lockdown Tips

I have had the privilege of working from home. If you are new to working from home, let’s chat.

  1. Go through the same routine as if you were going into the office. If you shower, do that. If you drink coffee, do that. Get dressed. Even if you don’t have to webcam for work, it’ll help with productivity.
  2. Establish your work area. It can be rough to bring work home because the separation between your personal life and work becomes a thin line that can go either way. Either you see chores you want to do while working or you allow work to leak over past work hours because you have just a little bit more.
  3. Keep your normal hours. This may be tough if you have others living with you, but try to be consistent. Consistency is key.
  4. Take breaks. Even just a small little sit down on the porch/balcony. You need to breathe. You need to not stay seated all day.
  5. Listen to music. It can feel lonely if you have no sound.
  6. Use your messaging system. Keep in contact with coworkers. Don’t let yourself become too lonely. If your work doesn’t use a chat, use your social media (don’t overdo it).
  7. Establish a “closing” routine. At the end of your work day, create a routine like closing your laptop and having a snack or maybe changing clothes into something more comfortable (similar to when you come home from the office).
  8. Watch your posture. At the office, you have an office chair and a desk. At home, you may be tempted to work a few hours from the couch. Don’t let yourself hunch over too much.


For general lockdown,

  1. Use Twitch or YouTube to chat with people. You can stream or watch other streamers. It’ll let you into the life of others quarantined at home and make you feel closer to others.
  2. Utilize FaceTime/Skype/Discord/snapchat to video chat with your friends and family. Even just having it on while you both are doing something can be helpful in taking away the lonely feeling.
  3. Catch up on that series you said you’d watch.
  4. Pick up that video game you thought you’d give a try.
  5. Read a book. Sign up for Audible and listen to books.
  6. Get some rest. We are always in a fast paced life and forget to rest. Allow yourself to be calm. Allow yourself to breathe. Allow yourself to rest.
  7. Make sure to eat your meals. Don’t forget meals. Don’t snack too much all day. Eat like you normally do or use this time to eat better. Learn to cook if you don’t do it often.
  8. Do small workouts at home. You can’t go to the gym but look up body weight exercises. I use the Ring Fit Adventure game while home. It’s fun.
  9. Keep your place clean. A clean space is a more welcoming space. Don’t get lazy while you’re home.
  10. Become Tik Tok famous. lol jk. But it might boost your creativity.
  11. Take up a new hobby like drawing, painting, bead art.
  12. Do Twitch Sings! It’s like karaoke at home with people online.
  13. Download some puzzle apps. It’s good to keep your mind active. And the satisfaction of solving puzzles will help with the positive attitude.
  14. Use the dating app you said you were done with or would never use. I’m not saying you have to go on dates, but learn about someone new. Engage in conversation. Yeah that thing they did in the old days.

That’s what I have for now. If you have any other suggestions, leave them in the comments. If you have any questions, also leave them in the comments or directly message me. We, as a community, will get through this.

Writing A Penetration Test Report

Penetration testing can be fun. You get to PWN all the things. You get to solve puzzles. But when it is all done, it’s time to write the report for the client.

If you’ve never written a penetration test report, this post is for you. What I did is exploited SOME of the vulnerabilities in Metasploitable 2 and created a sample penetration test report.

The sample report:

Here are some things to make sure you include:

  • Executive Summary (Keep in mind who your audience is)
  • Scope (This should have been determined during pre-engagement)
  • Methods (What is your penetration methodology or formula?)
  • Risk Rating (A risk rating is important in determining which risks need to be mitigated and which could possibly be accepted)
  • Impact (What happens if an attacker exploits the vulnerability?)
  • Remediation (Exploitation is fun, but we need to help the blue team know what the corrective actions would be to mitigate the issue)

Screenshots and steps to reproduce are great for showing the client how you were able to exploit the vulnerability. It also allows the client to check their fixes when they try to reproduce.

This report template is not the actual report template I use in penetration testing, but it’s something I’m willing to share. Feel free to use it. Also, feel free to leave comments about what else you think should be added or any other recommendations.


Dislocker USB with Bitlocker (LAB)

This lab will take you through using Dislocker to view data on a USB disk image that has Bitlocker encryption.  The password for Bitlocker will be provided.


Real life use: Hard drive with Bitlocker fails to boot.  You need to recover data from it.


Bitlocker USB DD image:

MD5 Checksum: 90860ff85a78f1421e6f26f44c10b8ae

In Kali, you can use this to get the mount 🙂 :

losetup --partscan --find --show encrypted.001

The Bitlocker Password is password

Use this Procedure:

The procedure can be altered slightly for this lab.  I used a Kali Linux Virtual Machine instead of a live USB to complete this lab.  In this lab, I use the password rather than the recovery key.  Notice the slight difference in the command when using each.


Lab created by @GameOfPWNZ

Dislocker: Recovering Data from Drive with Bitlocker – Requires Bitlocker Recovery Key or Password

This procedure is for recovering data from a disk drive with Microsoft Bitlocker Full Disk Encryption when the drive no longer boots.

Also, a lab for practicing this procedure will be provided here:

Required tools



  1. Make sure the hard drive with Bitlocker is connected. If you never removed it, then you’re good.
  2. Boot from Kali Linux Live USB or CD/DVD.
  3. Update:
    apt-get update
  4. Install git and dependencies:
    apt-get install git libfuse-dev libmbedtls-dev cmake

5. Git clone Dislocker:

git clone git://

6. Change working directory to the dislocker directory

cd dislocker

7. cmake the Dislocker directory

cmake .

8. Make and make install

  1. make
  2. make install

9.Find the drive with Bitlocker

fdisk -l (should look like /dev/sda# if SATA/SCSI)

10. Create directories tmp and dis

  1. mkdir /mnt/tmp
  2. mkdir /mnt/dis

11. Run Dislocker

  1. Using Recovery Key: dislocker -v -V /dev/(whichever is the one you found in Step 9) -p<Bitlocker Recovery Key> — /mnt/tmp
    1. Hopefully you saved your recovery key in Active Directory or somewhere you know. The Recovery key is 55 characters with the hyphens.
  2. Using Bitlocker Password: dislocker -v -V /dev/(whichever is the one you found in Step 9) -u<Bitlocker Password > — /mnt/tmp

12. Check if it worked

ls /mnt/tmp     (You should see a dislocker-file. If so, then it worked)

13. Mount the volume

mount -o loop,ro /mnt/tmp/dislocker-file /mnt/dis

14. Change working directory to the volume

cd /mnt/dis

15. List out directory listing


16. Backup files

To make this easier, open up the GUI file explorer window (2x). In one, open the USB drive. In the 2nd, open up /mnt/dis. Then copy the files that you need to the USB.

17. Profit

If you found this tutorial useful, let me know in the comments 🙂 And make sure to check out the lab 🙂


Wireless Shack Doc – CD/DVD

Null-Byte Doc

Kali Doc

Interviews For Beginners – Guide/Opinion/Advice

If you’re seasoned at interviews and you’re constantly getting offers, this post is not for you. This post is for the people who can’t seem to get an offer or feel like they are dropping the ball when it comes to interviews. I’m not a hiring manager of any sort, but I have some advice and tips I’d like to share.

First, let’s start with what I feel is the biggest part of the interview: Know your audience. This is true for an interview and any presentation/talk. In an interview, you are a salesman. You’re selling yourself. But knowing who you’re selling to will help determine diction and depth of explanation. So, who’s giving you the interview? Possible future colleagues? Possible future manager? HR? This will determine how technical you should get.

Now, let’s talk about the “I don’t know” responses. It’s fine not to know everything thrown to you in an interview, especially if you’re fresh; however, I would not suggest answering with a simple “I don’t’ know.” For most questions, it’s not about seeing if you 100% know the answer, but the process of you trying to figure out the answer. “I’m not entirely sure, but knowing process A and process B and little of process C and how they relate, this seems like a possible solution” sounds a lot better than “I don’t know.” You may be off, but it shows that you put some thought into a question and had a bit of troubleshooting techniques into your answer. You want to know how processes relate. Also, don’t be scared to think out loud. It is encouraged. You shouldn’t have a long pause. Talk yourself through a problem. Remember that in the real world, you’ll most likely have Google-Fu to use.

That brings me to my next point. Don’t cheat. If you’re asked a question in a phone or Skype interview, don’t start hacking away at your keyboard. The interviewer can hear! If it is something that you’d need to Google, say that. Nobody is impressed with cheaters and liars. You know when you were in school and your teacher said you wouldn’t have a calculator at any time. Well, that’s not true, but you learned the processes better without a calculator. The interviewer knows the strengths of Google and Google-Fu is a really good skill to have, but don’t try to pass it off as remembered knowledge.
Now, I’m not going to focus on what to wear too much. You should know the popular opinion. Don’t wear red. Dress appropriately (slacks, dress shirt, dress shoes, tie, maybe suit). But remember to look neat. I’ve seen wrinkled suits. Get it pressed. Iron or steam your shirts. Why go through the effort of wearing nice clothes if you’re going to look sloppy. Tuck in your shirt. Buy clothing that fits you. Baggy clothing looks sloppy. Be clean shaven. Keep your hair neat.

Be yourself. Unless you’re a horrible person haha. People want to hire someone that is knowledgeable and someone they feel like they’d get along with. You’re going to see each other a lot, so you don’t want to clash often.
Ask questions! It shows you’re interested and shows that you’re not afraid to ask questions. What would a typical day be like in the position? What is the work culture like? What type of growth plan does the organization offer? What type of mentorship program does the organization offer? How big is the team that would be working with you? Remember that while the interview is important in selling yourself, the organization is also silently selling themselves. That means if you’re the right candidate for them, you have to find if they’re the right organization for you.
Take notes. It’ll help you come up with follow up questions. It’ll also help you look up stuff later that you didn’t know during the interview.

Be prepared to answer anything about your resume. Don’t lie on your resume. If something is listed as a core strength on your resume, you better know it.

Be prepared to answer questions that relate to the job posting. The job posting would discuss some of the responsibilities that you’d have in the position. Do you actually know them? Make sure you do or at least can be trained pretty easily.
Now, eye contact. It’s very important. Don’t keep your head down. Keep focused. If you have multiple interviewers, don’t just focus on the one that asked you the question. It’s like a presentation. You’re not just addressing one person. You’re addressing them all.

Those are some tips/advice or whatever you want to call it. Comment what you think.