Setting Up a Pentesting Environment based on Qubes OS – Step by Step

Qubes OS is a hypervisor based operating system. Qubes OS can host various operating systems such as Linux, Unix or Windows and run them in parallel. Qubes OS can therefore be used to host your own “hacking” laboratory. (source)

Introduction

Due to its virtualization-based architecture, Qubes OS seemed to be the perfect OS in order to set up a pentesting lab that is a) easy to use and b) is separated from your daily-use VMs in a secure way. Additionally, with Qubes OS you can easily import VMs from vulnhub.com or any other sources for testing purposes.

Within this article, we will discuss a step-by-step guidance on how to set this environment up. Preliminary conditions: Running Qubes OS (tested with Qubes OS 3.2), Internet connection, enough space on disk.

Continue reading Setting Up a Pentesting Environment based on Qubes OS – Step by Step

Technical Setup for Long Distance Desert Hikes

Introduction

One of the bad habits of the 21st century is to drag electronic devices wherever we go – I’m not different here and I would hardly go to the desert without any technical device. Some of them I carry with me simply for security reasons (DeLorme, Phone) – some are for fun (Camera). I’m not the kind of person who leaves life-saving items at home simply because I can or it’s fancy to be oldschool – I’m pretty sure that I would heavily regret this decision once I’m in a situation where my satellite messenger is the only and last option I have and will decide whether I will live or die.

Continue reading Technical Setup for Long Distance Desert Hikes

New Zealand – 3 Weeks on the Te Araroa Trail

Back in 2013, I joined for one month a couple of friends hiking the Te Araroa Trail southbound. We met close to the trail head of the Whanganui River where you basically need to rent canoes in order to go down the river until you reach the ocean close to the town of Whanganui. The river was relatively calm in this section, but should never be underestimated since heavy rain can let grow quickly. (Further upstream, you can obviously find nice spots for packrafting.)

Continue reading New Zealand – 3 Weeks on the Te Araroa Trail

On the Risk of Connecting and Collecting it All

The past has shown and the present demonstrates in an impressive way that protecting sensitive assets is hard – if not even impossible. Too many companies fail to protect their customer’s information properly and this situation will continue in the future. Normally, after a breach, the InfoSec community preaches that additional security controls need to be implemented: strong passwords should be picked by users and hacked ones need to be changed, 2-factor-authentication should be used, patches need to be implemented, data needs to be encrypted and many more.

Continue reading On the Risk of Connecting and Collecting it All

desert hiker & packrafting enthusiast & interest in information security