Eric Conrad

Author, SANS Faculty Fellow, and CTO of Backshore Communications

Thursday, January 12, 2023

Blind Data Exfiltration Using DNS and Burp Collaborator

Here's a copy of my slides for my SANS webcast Blind Data Exfiltration Using DNS and Burp Collaborator:

Blind Data Exfiltration Using DNS and Burp Collaborator

Here are the links:

Link to the webcast (this will link to the webcast archive afterward)
DNS-Exfiltrate Github site
DNS Query Length... Because Size Does Matter

Posted by Eric Conrad at 11:21 AM No comments:

Thursday, April 07, 2022

Here's a list of links from my AtlSecCon 2022 talk Information Security for the Long Haul: Building a Career That Lasts.

Link to my talk
Cliff Stoll makes Klein Bottles
Cliff Stoll on Numberphile
Stuck by Amy Reardon
$300 in Google Compute Credits
Free Google Compute Training
Free AWS Training
Free Azure Training
East Coast Infosec Podcast We All Have Our Masters Degree!" with Eric Conrad
Toastmasters
Sears-Halifax Toastmasters Club
Schooner Toastmasters Halifax
Creatively Speaking Toastmasters Halifax

Posted by Eric Conrad at 10:25 PM No comments:

Wednesday, August 19, 2020

Decrypt all the Things: How Encryption is Impacting Network-Based Security Controls

Here's a copy of my SANS @Mic webcast slides: Decrypt all the Things: How Encryption is Impacting Network-Based Security Controls

Posted by Eric Conrad at 12:45 PM No comments:

Wednesday, June 24, 2020

Threat Hunting via DNS

My SANS @Mic talk Threat Hunting via DNS

Link to the Youtube video.

Here are the links:

DNS New World Order: QuadX! DoH! DoT! Da Fuq?
Paul Vixie on DoH
Firefox continues push to bring DNS over HTTPS by default for US users
Firefox to enable DNS-over-HTTPS by default to US users
Firefox HTTP logging
Tutorial to setup your own DNS-over-HTTPS (DoH) server
DNS-over-HTTPS with Pi-Hole
https://github.com/MarkBaggett/domain_stats
https://www.arin.net/resources/registry/whois/rdap/

Posted by Eric Conrad at 1:34 PM No comments:

Monday, June 08, 2020

CISSP Cram Session

Here are the slides for my CISSP Cram Session webcast.

The webcast is available here: http://sans.org/u/140g

Posted by Eric Conrad at 10:29 AM No comments:

Friday, May 22, 2020

BSides Halifax

Here's a link to my BSides Halifax talk Threat Hunting via DNS

Posted by Eric Conrad at 11:23 AM No comments:

Monday, January 13, 2020

Here's a link to my SANS Miami 2020 keynote talk:

Threat Hunting via Sysmon

Posted by Eric Conrad at 5:16 PM No comments:

Older Posts Home

Subscribe to: Posts (Atom)

About Me

Eric Conrad: Peaks Island, ME, United States; CTO, Backshore Communications

I am a SANS Faculty Fellow, co-author of SANS Security 511, MGT 414, and Security 542.

I am GIAC GSE #13.

I am a graduate of the SANS Technology Institute, with a Master of Science in Information Security Engineering (MSISE)

My Amazon author page

Email me: blogger7@backshore.net

Mastodon: conrad@infosec.exchange

View my complete profile

My videos and podcasts

Cyber Security Interviews - You need to be interested beyond 9-5
DerbyCon 2017: Introducing DeepBlueCLI v2 now available in PowerShell and Python
Paul's Security Weekly #519
How to become a SANS instructor
DerbyCon 2016: Introducing DeepBlueCLI a PowerShell module for hunt teaming via Windows event logs
Security Onion Con 2016: C2 Phone Home
Long tail analysis

CISSP® Study Guide

CISSP® Study Guide, 3rd Edition

Twitter

Follow @eric_conrad

LinkedIn

My Books

CISSP Study Guide 3E
Eleventh Hour CISSP 2E

Join My Lists

CISSP
Sec511 Alumni

Upcoming Conferences

http://www.sans.org/instructors/eric-conrad

My Infosec Papers and Links

Waking Sleeping Dogs: Information Security Ethics
MGT 414 Images
CISSP Study Guide Errata

SANS GIAC Certifications and Gold Research

My SANS GIAC certifications
Detecting Spam with Genetic Regular Expressions
A Heap o’ Trouble / Heap-based flag insertion buffer overflow in CVS

Blog Archive

▼ 2023 (1)
- ▼ January (1)
  - Blind Data Exfiltration Using DNS and Burp Collabo...

► 2022 (1)
- ► April (1)

► 2020 (5)
- ► August (1)
- ► June (2)
- ► May (1)
- ► January (1)

► 2019 (3)
- ► November (1)
- ► May (1)
- ► April (1)

► 2018 (4)
- ► December (2)
- ► April (2)

► 2017 (2)
- ► September (1)
- ► April (1)

► 2016 (5)
- ► October (1)
- ► September (2)
- ► August (1)
- ► April (1)

► 2015 (4)
- ► December (1)
- ► November (1)
- ► April (1)
- ► January (1)

► 2014 (2)
- ► April (1)
- ► March (1)

► 2013 (3)
- ► June (1)
- ► May (2)

► 2012 (6)
- ► September (1)
- ► July (2)
- ► May (1)
- ► March (1)
- ► February (1)

► 2010 (6)
- ► September (1)
- ► August (2)
- ► July (1)
- ► May (1)
- ► March (1)

► 2009 (9)
- ► November (2)
- ► August (1)
- ► June (1)
- ► April (1)
- ► March (4)

► 2008 (13)
- ► December (3)
- ► November (1)
- ► October (3)
- ► August (1)
- ► July (1)
- ► April (1)
- ► March (2)
- ► February (1)

► 2007 (21)
- ► December (1)
- ► November (1)
- ► October (3)
- ► September (2)
- ► July (2)
- ► June (4)
- ► April (3)
- ► March (3)
- ► February (2)

Network/Security Blogs

SANS Technology Institute: Security Laboratory
The Internet Storm Center
F-Secure's Security Blog

Awesome Inc. theme. Powered by Blogger.