Hello and welcome to my security blog! I'm currently a Cyber Security Engineer and considerably involved in Vulnerability Research.

This is the main place I will be documenting hacking, my notes, my methodology, and experiences.

"You must have confidence in your competence."

~ Professor Russell

These notes are an excellent way for me to convey my knowledge, skill set, and a good way to share what I've learned through my experiences. I believe sharing my notes is a great way to give back to others since I would not be where I am without collaboration efforts from others.

Check this out 😄:

{% content-ref url="binary-exploitation/ret2libc/" %} ret2libc {% endcontent-ref %}

I wanted to give a special thank you to Mr. Eltringham for always believing in me during my college experience. I could not have done it without you. I will forever keep your words of motivation and wisdom in the background with each professional decision I make going forward.

Within the last year, I made a switch from Pentesting to Vulnerability Research and couldn't be happier!

How would I compare the two?

I went from attacking computers from the view of a satellite to attacking them from the perspective of looking under an electron microscope.

A solid explanation of vulnerability research:

"We're the weapon that no one saw coming 😉".

We analyze software and hardware components for vulnerabilities and develop Proof-of-Concept exploits for them.

As of lately, I am strengthening my C and Python development skills to become a more competent developer. Want to keep track of my maldev progress -- check out my GitHub repo and my Malware Development page in my Gitbook!

Here I will be covering a bunch of binary exploitation:

{% content-ref url="binary-exploitation/binex-methodology-and-notes.md" %} binex-methodology-and-notes.md {% endcontent-ref %}

{% embed url="https://github.com/0xXyc/binex" %}

Check out my walkthroughs for the challenges below and let's learn together:

{% content-ref url="binary-exploitation/return-oriented-programming-rop/" %} return-oriented-programming-rop {% endcontent-ref %}

Also, be sure to check out my latest pwn challenge writeups from Hack The Box (HTB):

{% content-ref url="binary-exploitation/htb-pwn-challenges/" %} htb-pwn-challenges {% endcontent-ref %}

• A 5-day long assessment where you are tasked with conducting OSINT on a target, breaching a network externally and internally
• The ultimate goal is to become domain admin
• Lastly, you must give a 15 minute debrief to the TCM Security team

• Interactive environment with 27 flags and 14 hosts to compromise

{% embed url="https://github.com/0xXyc" %}