Howdy! My name is Steve Nelson and you happen to stumble upon my personal/private blog, used for publishing my private opinions on random subjects to include things like:
- Offensive Security
- Mobile and Web Stuff
A cybersecurity specialist with over 5 years of experience in information technology and cyber security. SteveSec authored many GitHub repositories including: EvilGoPhish Bash One-Liner and Google Cloud Password Sprayer. SteveSec has extensive experience in penetration testing, working for clients that surround various niches including, but not limited to:
He has performed many different offensive security testing which includes:
- Mobile Application Penetration Testing (Android and iOS)
- Web Application Penetration Testing
- Network Penetration Testing
- Social Engineering
SteveSec also has extensive experience in the public sector as he has spent much time with multiple DoD contracted companies providing cybersecurity and information assurance expertise. SteveSec specializes in Mobile and Web Application Penetration Testing and is currently seeking his Certified Red Team Lead (CRTL or CRTO II) certification.
Completed: Norwich University, Military College of the State of Vermont.
Computer Security and Information Assurance
DenSecure by Wolf & Company: Penetration Tester
- Certified Red Team Operator
- GIAC Mobile Device Security Analyst (GMOB)
- Certified Blockchain Security Professional (CBSP)
- Certified Smart Contract Developer (CSCD)
- eLearnSecurity Junior Penetration Tester (eJPT)
- (2023) Offensive Development Hosted by Antisyphon Training (Offensive Security): Badge
- (2022) First paper on Smart Contract Auditing, what exactly it is, and why you should audit it (Blockchain) What is a Smart Contract & Why Should You Audit It?
- (2022) A comprehensive guide to understanding, remediating, and detecting legacy host discovery protocols. (Network PT) A Penetration Tester's Best Friend - Multicast DNS (mDNS), Link-local Multicast Name Resolution (LLMNR), and NetBIOS-Name Services (NetBIOS-NS)
- (2022) A better understanding of what exactly mobile application penetration testing is and why we do it. (Mobile) Mobile Application Penetration Testing - What's the Point?
- (2022) Vulnerabilities from the past year regarding Smart Contracts (Blockchain) Securing Your Smart Contract: 3 Common Vulnerabilities & How to Prevent Them