Press "Enter" to skip to content

Dan Borges – From Infosec ITAdmin to Red Teamer to CTF Organizer

Last updated on May 19, 2019

In this first episode, I chat with Dan Borges, a professional red teamer, blogger, and security tool developer.

Dan discusses his early experiences using and exploiting computer systems, how InfoSec experts work with companies, and a new tools he and other created and released this year!

Episode Highlights:

  • Dan explains how he became involved in information security,
    including his introduction to programming through a Lego robotics
    program.

  • His early experiences as a pen-tester—i.e. a penetration tester, who
    looks for system security weaknesses—and why it’s difficult to get
    hands-on experience in that field.

  • The benefits of becoming an Offensive Security Certified Professional
    (OSCP).

  • What does a red team do in an organization, and how is it different
    from pen-testing?

  • Dan describes the day-to-day life of a pen-tester and the kind of
    conflicts they can run into.

  • A few war stories from the trenches of InfoSec, as well as some of
    the tools pen-testers use.

  • How being grounded led to Dan’s earliest hacking experiences, and the
    ways his parents fostered his interests and mentality.

  • What conferences should InfoSec beginners check out?

  • Fun and beneficial ways you can “hack” reading.

  • Dan’s tips for those starting off or looking to transition into
    Infosec.

  • An in-depth look at one of the newer tools Dan uses for his work.

  • The rules and intricacies of InfoSec competitions.

Quotes:

“It’s such a catch-22 to get practical, hands-on experience to go to these jobs because, y’know, hacking’s illegal, right?”

“We don’t just go in and blow the brakes off people, we’re trying to measurably improve security.”

“It was a constant escalation war, cat-and-mouse like that. They’d take something away and I’d figure out how to use the computer with that limitation.”

Links:

Dan Borges’ personal blog: http://lockboxx.blogspot.com/

Dan’s LinkedIn: https://www.linkedin.com/in/borges1337/

Dan on Twitter: https://twitter.com/1njection

Dan and Alex’s DEFCON Talk on Gscript: https://www.youtube.com/watch?v=8yjMlMf8NpQ

Gscript: Genesis Scripting Engine: https://github.com/gen0cide/gscript

NationalCPTC (Collegiate Penetration Testing Competition): https://nationalcptc.org/

Outro Music: Missing You by Trash80: https://trash80.bandcamp.com/track/missing-you

Be First to Comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.