What I’ve been up to recently: Mid 2019 to now.

Hi! It’s been a while since I’ve posted on here, and I would like to bring my audience up to speed on what I’ve been working on as of late.

-Back in September, I was Team Captain for a Capture The Flag event hosted by RISE with over 50 participants!
https://roanokeinfosec.com/2019/10/20/meeting-notes-capture-the-flag-demo/

-I’ll also be working on Roanoke VA’s BSides event in May!
https://roanokeinfosec.com/2020/02/05/bsides-roanoke-2020-call-for-papers-announced/

-I’ve found zero-day vulnerabilities in products from 3 vendors, and am currently coordinating responsible disclosure with all 3. I am still awaiting responses as of Feb. 10th, 2020. (I am currently not at liberty to discuss the specifics of who the vendors are or what the products are.)

-Dove deep into the Blue Team side! I wanted to brush up on my defensive expertise, so I got extremely familiar with SIEM solutions like Splunk and QRadar, as well as monitoring and configuring EDRs like Carbon Black. Overall, I’ve been able to create rules for IOCs, reduce false positives, and help implement tighter whitelisting and blacklisting policies.

-Began pursuing the CEH and GPEN certifications, and started work on creating my own custom exploit and pentesting framework.

-Recently was selected to give a talk on Burp Suite usage to local infosec experts at RISE!
https://roanokeinfosec.com/2020/02/04/february-2020-introduction-to-burp-suite/

-And much, much more. Expect to see a lot more updates in 2020, including articles on:

– Getting the most out of your SIEM and EDR solutions
– Pentest methodologies that get you in the front door
– Undetected Lateral Network Movement
– Reversing and exploiting embedded device firmware.

Looking forward to everything 2020 will be bringing. Stay tuned!
