I’m almost ready to deliver the purple team exercises to my team at SDSC. We might have an issue or two overloading my network with scans, but i’ll attempt to stagger them. Since Security Onion performs full packet capture, I previously ran through the exercises, and will provide the team with a pcap of this traffic. This will enable everyone to analyze the alerts and traffic at their own pace, or at a later date. I’m going to do a formal write up of the actions, and post it to this site. I might even film a video explaining my actions.
I also started getting back into WiFi pentesting. I have prior wifi auditing experience with a wifi pineapple nano. I’d have to say, overall I was disappointed with the device, and never got it working consistently. My employer, and surprisingly a few customers I tested had 5GHz networks, which the nano was ineffective at monitoring/deauthing. I recently purchased the Alfa AWUS036AC, which I confirmed can monitor and deauth 5GHz clients. It’s more of a side project for now, but I’d like to be more hands on with wifi evaluation as well.