Certified Ethical HackerReal World ExprianceDriven by Progress

Certified Ethical Hacker

A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. EC Council Certified Ethical Hacker since July, 2016.

Learn More

Real World Expriance

With over a decade of real world experience in Information Technology, I have the skills and knowhow to engineer, implement, manage, defend and offensively assess risk and vulnerability of virtually any computer information system.

Learn More

Driven by Progress

With my experience working in global teams and managing complex Information Technology projects. I am driven by progress toward the greater goal. Able to visualize the 'end game' or 'big picture' across technologies, business process, and business goals.

Learn More

Actively pursuing opportunities to further my career.

Contact Me
John w. Little
Ethical Hacker | Enterprise System Architect | Cyber Security | Penetration Testing | Dev-ops | Risk Analysis

Enterprise Architecture

Understanding business processes and goals is the first step in creating a technology infrastructure to accommodate business.

Risk Analysis

Risk is an ambiguous factor in both business and the technology that supports it! Understanding the risk will drive the innovation.

Penetration Testing

The best way to engineer, implement and efficiently operation any technology platform is to think like the guy that wants to break it, or steal it.

Dev-Ops

“Dev-Ops” is not a buzz word; it is combining your development initiatives with your IT operations, and creating stable systems.

My Blog

11
May
Little, John w.
No Comments

Write-Up: SkyDog Con CTF 2016 – Catch Me If You Can

Introduction So our target today is another Capture the Flag game from VulnHub. SkyDog Con CTF 2016 – Catch Me If You Can [Download] Difficulty: Beginner/Intermediate Instructions: The CTF is a virtual machine and works best in Virtual Box. Download the OVA file open up Virtual Box and then select File –> Import Appliance. Choose […]

Read More
11
May
Little, John w.
No Comments

How to Create Malware for Android Devices

This was an interesting topic that I ran across not too long ago… and seems that the process for generating a meterpreter payload for an android device is very simple. However actually deploying this ‘malware’ payload to android devices in the wild may be a bit of a different story. Likely it would take plenty […]

Read More
11
May
Little, John w.
No Comments

Write-Up: IMF: 1 – ArcSecurity>NET

okay so lets get started a vulnhub hosted CTF target.. Welcome to “IMF”, my first Boot2Root virtual machine. IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. I […]

Read More
11
May
Little, John w.
No Comments

Write-up: /dev/random: Sleepy

So to start off my new series of articles “Garden of Badb” we will begin with a full write-up of a publicly available vuln-hub virtual machine image sleepy. Lets Get Started! Setting up the labnet okay so we are dealing with a know vulnerable target, from a respectable source; however just to be safe we […]

Read More
11
May
Little, John w.
No Comments

Vulnerability Management Maturity

“In order to efficiently protect an IT environment you must know how to efficiently attack one” the inverse is also true “In order to efficiently attack or compromise an IT environment you must know how to build and protect one”.   The Battlefield Why do I call it a battlefield? The void in which an […]

Read More
11
May
Little, John w.
No Comments

Agenda Defined

OSCP Holders Can … Taken from the Offensive Security web site the following statements defines what the Offensive-Security Holder can do. 1- Use multiple information gathering techniques to identify and enumerate targets running various operating systems and services. 2- Write basic scripts and tools to aid in the penetration testing process. 3- Analyze, correct, modify, […]

Read More