Med-Mastodon

0 posts0 participants0 posts today

Max RenkeDay 1 of posting to social media until I get an offensive security research jobFirst, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in. Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety. If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).<a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/WindowsInternals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WindowsInternals</a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackTheBox</a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTF</a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EthicalHacking</a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a> <a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BlueTeam</a> <a href="https://infosec.exchange/tags/RustLang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RustLang</a> <a href="https://infosec.exchange/tags/PythonProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PythonProgramming</a> <a href="https://infosec.exchange/tags/DevEnvironment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevEnvironment</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberCareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCareer</a> <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> <a href="https://infosec.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MemorySafety</a> <a href="https://infosec.exchange/tags/CyberCommunity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCommunity</a> <a href="https://infosec.exchange/tags/JobSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JobSearch</a> <a href="https://infosec.exchange/tags/TechJourney" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechJourney</a> <a href="https://infosec.exchange/tags/SecurityEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityEngineering</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/LearningEveryDay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LearningEveryDay</a>

pill.Does anyone have recommendation to learn about <a href="https://infosec.exchange/tags/windowsinternals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#windowsinternals</a> ?

Graham Sutherland / PolynomialI wrote a thing for work! Microsoft are introducing a new type confusion bug class mitigation called CastGuard, as part of the MSVC++ compiler.Right now it's still undocumented & unreleased. I stumbled across it by accident while looking at the Load Configuration directory in PE files, and ended up going down a deep rabbit hole of reverse engineering the entire feature and discovering all the hidden compiler flags and language keywords<a href="https://labs.nettitude.com/blog/preventing-type-confusion-with-castguard/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://labs.nettitude.com/blog/preventing-type-confusion-with-castguard/</a><a href="https://chaos.social/tags/cpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cpp</a> <a href="https://chaos.social/tags/windowsinternals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#windowsinternals</a> <a href="https://chaos.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

log4jmSome of my holiday presents to start my 2023 <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/books" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#books</a> reading list:1) "Tracers in the Dark" by <a href="https://infosec.exchange/@agreenberg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@agreenberg</a> who along with <a href="https://infosec.exchange/@kimzetter" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@kimzetter</a> and <a href="https://infosec.exchange/@NicoleP" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@NicoleP</a> is in my top 3 favorite writers in cyber2) "The Art of Attack" by Maxie Reynolds3) "The Art of Cyberwarfare" by Jon DiMaggioall sitting atop my laptop, which is filled with eBooks I've bought over the last year. On there my goals for 2023 is to start/finish:4) <a href="https://infosec.exchange/tags/WindowsInternals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WindowsInternals</a> 🤓5) the incredible <a href="https://infosec.exchange/@alyssam_infosec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@alyssam_infosec</a>'s "Cybersecurity Career Guide", which is actually where I'm going to start since I've got interviews for an InfoSec role in 2 weeks.What are you reading in 2023? <a href="https://infosec.exchange/tags/HappyNewYear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HappyNewYear</a>

Recent searches

Search options

Administered by:

Server stats:

#windowsinternals