
Hi! It’s been a while since I’ve posted on here, and I would like to bring my audience up to speed on what I’ve been working on as of late.
- Back in September, I was a Team Captain for a Capture The Flag event hosted by RISE with over 50 participants! – https://roanokeinfosec.com/2019/10/20/meeting-notes-capture-the-flag-demo/
- I’ll also be working on Roanoke VA’s BSides event in May! – https://roanokeinfosec.com/2020/02/05/bsides-roanoke-2020-call-for-papers-announced/
- I’ve found zero-day vulnerabilities in products from 3 vendors, and am currently coordinating a responsible disclosure with all 3. I am still awaiting responses as of Feb. 10th, 2020. (I am currently not at liberty to discuss the specifics of who the vendors are and what products these are.)
- Dove deep into the Blue Team side! I wanted to brush up on my defensive expertise, so I got extremely familiar with SIEM solutions like Splunk and QRadar, as well as monitoring and configuring EDRs like Carbon Black. Overall, I’ve been able to create rules for IOCs, reduce false positives, and help implement tighter whitelisting and blacklisting policies.
- Began pursuing the CEH and GPEN certifications, in addition to beginning the path of creating my own custom exploit and pentesting framework.
- Recently was selected to give a talk on Burp Suite usage for local infosec experts in the area at RISE! – https://roanokeinfosec.com/2020/02/04/february-2020-introduction-to-burp-suite/
- And much, much more. Expect to see a lot more updates in 2020, including articles on:
  – Getting the most out of your SIEM and EDR solutions
  – Pentest methodologies that get you in the front door
  – Undetected lateral network movement
  – Reversing and exploiting embedded device firmware
Looking forward to everything 2020 will be bringing. Stay tuned!