July 29, 2024
Metamorphic Malware
Metamorphic or self-modifying code is an advanced technique used by virus and malware authors which enables their malicious program to rewrite itself in a way that the code remains functionally equivalent but looks different each time it is executed. This characteristic prevents antivirus software from detecting the malware using static signatures and makes reverse engineering more difficult.
January 27, 2024
High-Level Red Team Training: Cybernetics & APTLabs Review
A few months ago, I published a blog post where I reviewed the first three HackTheBox Pro Labs that I completed in summer 2023: Offshore, RastaLabs and Zephyr. Over the winter months of this year, I took on the challenge to complete the two remaining advanced labs: Cybernetics and APTLabs. They are both rated as highly challenging, realistic and modern training environments for red team operators and penetration testers.
October 10, 2023
Kerberos Authentication Protocol
The Kerberos protocol provides a single-sign-on (SSO) mutual authentication solution for insecure networks or hosts, where clients and servers verify each others identity based on symmetric-key cryptography and a ticket-based authentication system. Most commonly used in Windows Active Directory environments, a user only has to enter their password once to be able to access a multitude of servers, shares or other resources, while the password is never directly sent across the network, unlike in less secure alternatives like NTLM.September 7, 2023
Intermediary-Level Red Team Training: Offshore, RastaLabs & Zephyr Review
During the summer months of July and August of 2023 I had the opportunity to complete three of the six buyable HackTheBox Pro Lab certifications: Offshore, a Penetration Tester Level 3 lab, as well as RastaLabs and Zephyr, both of which are Red Team Operator Level 1 certifications respectively.