cover | coverY | layout |
---|---|---|
.gitbook/assets/1744 (1).gif |
0 |
landing |
Hello and welcome to my security blog! I'm currently a Cyber Security Engineer and considerably involved in Vulnerability Research.
This is the main place I will be documenting hacking, my notes, my methodology, and experiences.
"You must have confidence in your competence."
~ Professor Russell
These notes are an excellent way for me to convey my knowledge, skill set, and a good way to share what I've learned through my experiences. I believe sharing my notes is a great way to give back to others since I would not be where I am without collaboration efforts from others.
Check this out ๐:
{% content-ref url="binary-exploitation/ret2libc/" %} ret2libc {% endcontent-ref %}
I wanted to give a special thank you to Mr. Eltringham for always believing in me during my college experience. I could not have done it without you. I will forever keep your words of motivation and wisdom in the background with each professional decision I make going forward.
Within the last year, I made a switch from Pentesting to Vulnerability Research and couldn't be happier!
How would I compare the two?
I went from attacking computers from the view of a satellite to attacking them from the perspective of looking under an electron microscope.
A solid explanation of vulnerability research:
"We're the weapon that no one saw coming ๐".
We analyze software and hardware components for vulnerabilities and develop Proof-of-Concept exploits for them.
As of lately, I am strengthening my C and Python development skills to become a more competent developer. Want to keep track of my maldev progress -- check out my GitHub repo and my Malware Development page in my Gitbook!
Here I will be covering a bunch of binary exploitation:
{% content-ref url="binary-exploitation/binex-methodology-and-notes.md" %} binex-methodology-and-notes.md {% endcontent-ref %}
{% embed url="https://github.com/0xXyc/binex" %}
Check out my walkthroughs for the challenges below and let's learn together:
{% content-ref url="binary-exploitation/return-oriented-programming-rop/" %} return-oriented-programming-rop {% endcontent-ref %}
Also, be sure to check out my latest pwn challenge writeups from Hack The Box (HTB):
{% content-ref url="binary-exploitation/htb-pwn-challenges/" %} htb-pwn-challenges {% endcontent-ref %}
- A 5-day long assessment where you are tasked with conducting OSINT on a target, breaching a network externally and internally
- The ultimate goal is to become domain admin
- Lastly, you must give a 15 minute debrief to the TCM Security team
- Interactive environment with 27 flags and 14 hosts to compromise
{% embed url="https://github.com/0xXyc" %}