This Week’s Recap

Every Sunday I post a quick recap of what I’ve worked on the previous week in my free time. Here is what I worked on this week.

2/14/2022

  • Rewatched 5 Year plan Into InfoSec Part 2. This is something I go back and rewatch every few months. It’s the single most insightful hour of security advice I’ve come across. Its the type of advice that keeps you motivated to learn as much as you possibly can. I highly recommend everybody watches this.
  • Happy Valentines day!

2/15/2022

  • Read through this awesome research on deobfuscating redacted text by @2600AltF4 (Who is the lead security researcher at Bishop Fox). Really interesting stuff. I always internally felt that this was possible which is why I crank up the blocksize on all my redactions. The difference is pretty huge although, admittedly, I should just use a black bar.

  • Started working on a C2 program in python
    • Decided I wanted a python project that will push the limits of my python knowledge so I started working on a custom C2 program.
    • The point of this project is to work on it up until I’m in that zone of “I need to do more research to implement this feature”. Then doing research on what I need to learn to develop that feature, then coming back to the C2 to implement those new features.
  • Technically got it working, but there are lots of issues that will require refactoring a lot of how the server handles incoming beacon connections. Will probably work on this tomorrow.
    • Right now the server can send commands to the beacon and when the beacon checks for instructions it will execute commands from the client machine and send the results back.

2/16/2022

  • Essentially re-wrote the entire C2 to be multi-threaded and added a few other features to the server infrastructure to make it a little more usable.

    • Added multi-threading
    • Added a better user input method (basically just a thread running that accepts user input)
    • Added very basic connection management (The server will accept all incoming connections)

  • I’m making a conscious effort to plan out the design in a more logical way. I’m very used to making quick and dirty scripts that only need to be run a few times. Here was me brain dumping how I wanted the C2 to work.



   Server     
  ________    
  |==|=====|  
  |  |     |                       ______________________
  |  |     |       .---------.     \                     \
  |  |     |  ---->| Threads |----->) thread_serverListen )
  |  |     |       '---------'     /_____________________/
  |  |==== |            |                      |              .-----------------------------------------------------.
  |__|_____|            |                      '------------->| - Listens for server connections coming from beacon |
                        |                                     '-----------------------------------------------------'
       ^                |          ______________________
       |                |          \                     \
       |                '---------->) thread_getInput     )
       |                           /_____________________/
       |                                       |             .-----------------------------------------------------.
       |                                       |             | - Gets input from user                              |
       |30 seconds                             |             |  1. Help                                            |
       |                                       |             |  2. Run (command on beacon)                         |
       |                                       '------------>|  3. Debug                                           |
       |                                                     |  4. clear                                           |
       |                                                     |  5. Exit                                            |
       |                                                     '-----------------------------------------------------'
       |
 Beacon      
 ________    
 |==|=====|  
 |  |     |  
 |  |     |  
 |  |     |  
 |  |     |  
 |  |==== |  
 |__|_____|  
             

  • Finished chapter 4 of Hacking APIs. (Again, I forgot a lot of it from my previous read)
  • Did some digging into some of the tools I learned about in Hacking Apis

2/17/2022

  • Watched How To Burn Out In InfoSec And What To Do Next By Corey Ham
  • Some of the key takeaways
> If you feel like you can't finish your work on time its most likely your boss's fault
> In an interview make sure that you're asking about the training. Companies that want to train you don't want you to leave
1. Sleep is important
2. Ask for help
3. Managing time is so important
4. Avoid social media on busy days
5. Chose your commitments carefully*
6. Spend time outside/recharging
7. Intentionally choose a diet that works for you
8. Keep phone on do not disturb
9. Compartmentalize work
10. Allow closure on projects
11. Set realistic expectations
  • Added Security Library to my site which is a collection of security books I’ve read and liked.
  • Started using LeechBlock to limit time on twitter/linkedin/*worksites*

2/18/2022

2/19/2022

2/20/2022

  • Wrote this blog :)

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)