blog.gonskicyber.comA Real-World Analysis of Security Risks in Telephony SystemsFollow along as I recount a real-world toll fraud attack which targeted corporate VoIP infrastructure and unfortunately led to serious monetary damages. In this blog, I share my investigation process, some interesting findings, and lessons learned. T...Feb 4, 2025·10 min read
blog.gonskicyber.comCVE-2023-5830: Critical Security Vulnerability in ColumbiaSoft Document LocatorDisclaimer: This information is being published for educational purposes only Background With the help of my colleague @micahvandeusen, in the late-summer of 2022 we identified and exploited a critical security vulnerability present within ColumbiaS...Feb 29, 2024·4 min read
blog.gonskicyber.comEfficient Penetration Testing: A Guide to Tool Installation (Python Virtual Environments)In this blog I aim to cover some of the methods I use as a penetration tester to install and manage tools that I use during my testing. The goal here is to provide a basic explanation of tool management I wish I had when I was starting out. Please ...Jan 23, 2024·13 min read
blog.gonskicyber.comSuccess Tips for Aspiring Penetration Testers: Your Guide to Excelling in the FieldSince graduating from college and embarking on my career as a penetration tester, I've learned quite a bit about the world of penetration testing and offensive security. While I'm certainly no expert - I feel that I've learned some valuable lessons t...Jun 27, 2023·5 min read
blog.gonskicyber.comSnookums - Proving GroundsIn this article we cover the steps to exploit the box Snookums from Proving Grounds! Snookums is an Intermediate rated Linux challenge on the Proving Grounds platform. Enumeration To kick this off we started this box with initial port enumeration u...Jun 10, 2023·6 min read
