In Part 2, we discuss how a routine firewall rollout at ANU accidentally severed the attackers’ C2, forcing them into noisy, rushed activity that revealed their tradecraft. Suthagar explains the balance between observing for intel and acting to minimize harm, and how transparent, tightly controlled communications—culminating in a readable public breach report—helped rebuild trust. We also unpack why stolen databases without a data dictionary were hard to weaponize, and close with career advic...
All content for Cybersecurity Mentors Podcast is the property of Cybersecurity Mentors and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In Part 2, we discuss how a routine firewall rollout at ANU accidentally severed the attackers’ C2, forcing them into noisy, rushed activity that revealed their tradecraft. Suthagar explains the balance between observing for intel and acting to minimize harm, and how transparent, tightly controlled communications—culminating in a readable public breach report—helped rebuild trust. We also unpack why stolen databases without a data dictionary were hard to weaponize, and close with career advic...
A Day in the Life of a Penetration Tester with Carson Sallis
Cybersecurity Mentors Podcast
46 minutes
6 months ago
A Day in the Life of a Penetration Tester with Carson Sallis
In this episode, we chat with Carson Sallis, Senior Offensive Security Engineer and Vulnerability Researcher at NVIDIA. Carson walks us through a day in the life of a pentester and shares actionable advice for anyone looking to break into offensive security. He also gives a live demo of fuzzing with AFL (American Fuzzy Lop) and explains how tools like this are used in real-world vulnerability research. Whether you're just starting out or looking to sharpen your red team skills, this episode i...
Cybersecurity Mentors Podcast
In Part 2, we discuss how a routine firewall rollout at ANU accidentally severed the attackers’ C2, forcing them into noisy, rushed activity that revealed their tradecraft. Suthagar explains the balance between observing for intel and acting to minimize harm, and how transparent, tightly controlled communications—culminating in a readable public breach report—helped rebuild trust. We also unpack why stolen databases without a data dictionary were hard to weaponize, and close with career advic...
