What I am up to these days (subject to change)

A few years ago I made my transition into working in IT Security from IT Operations, after working in many IT Operations roles. Over the last few years I’ve been building up my skills in Security doing anything from working on code, tackling VMs on Vulnhub, or a CTF or two, spending a considerable portion of my time building up my skills. Like most things I take an interest in, I decided to go full bore, hence the blog and all the stuff tied to being active in the tech and infosec community.

Information Security being a broad field, I wanted to narrow my focus down to a few categories, and most of the topics on this blog will fall into one of them: Offense, Defense, Code, and Cloud. Most of my posts will fall into these categories, aside from the community service related stuff where I’ll dump info on conferences and different events.

Offense (Red)
Well, knowing how to assess and attack a target is probably useful in the security aspect of things. How’s the saying go? “Keep your friends close, and your enemies closer.” I also like Sun Tzu’s quote “Know thyself, know thy enemy. A thousand battles, a thousand victories”. Interestingly enough, out of the many people I know with OSCP certifications, the majority of the ones I’ve worked with have been more on the defensive side of things. Whether or not I do any pentesting down the road, I want to have this skill set. Besides, it can be lots of fun wreaking havoc on a homelab and there are plenty of places on the blue team where those skills come in handy. As for the offense, you start to care about using better passwords and applying MFA once you learn about password lists like rockyou.txt.

Defense (Blue)
This one is obvious, as that’s kind of what we’re all here for, for the most part. Yes, even the pentesters and red teamers out there. Sure, you spend your day attacking things, but the end goal is always around defending a network, reducing risk and pointing out where the weak points are. I am finding defense can be pretty deep and interesting, and if you are the type to embrace chaos, Incident Response can be quite fun. More significant, though, is our dependence on technology and how much more real the attacks get. Every one of us has something of value to protect that’s on a network. Considering that dependency on technology and our advancements, we are now in a delicate age of real-world life and death consequences when networks or devices can be attacked. Never mind Bluetooth attacks on pacemakers, we now deal with hospitals being breached or dealing with ransomware.

Cloud
Yeah, the buzzword of the day, which boils down to where things are. Even if companies don’t operate solely on a cloud platform, chances are something they use operates (outside of their network). It might be a business partner for some of the most innocuous things, or it might be something mission critical. Either way, having some familiarity with a cloud platform, or in general, will probably be useful. Most applications these days are web based and being molded for use on mobile devices.

Code
I need to preface that (at this moment) I am not a software developer by trade. That said, I have definitely put together a tool or two, and if you’ve done enough sysadmin and have needed to write a bash, batch, or PowerShell script to solve a given problem in the day, you know how valuable this skill is. Now for this topic, the reason why it’s important is because that’s what everything runs on. A server has an operating system, an operating system has software that does <things>. You need specific tools and software to interact with said server. And what is all that software at the end of the day?

Basically someone that will take a more proactive approach to protecting a network or in the context of football, the offensive lineman that “trucks” i.e. steamrolls over the defensive linemen trying to sack the quarterback rather than just attempting to prevent an attack. It’s funny how counterintuitive the concepts of defense and offense work in football. When you’re on defense your primary goal is preventing the offense from scoring, but you also have the option to get the ball and score against the offense. When you’re on the offense, you advance to the end zone to score, but you are also protecting the quarterback. 

Background

After a brief stint in college, I started off my IT career in the United States Navy onboard the USS John C. Stennis. During that time I took an interest in things like writing batch files and scheduling tasks to send messages to people on other computers, and other fun things in a similar vein. I also had a good mentor and friend show me a lot of fun and interesting ways to do my job more efficiently, who also introduced me to DEFCON, with my first attendance being DEFCON 8. While this was exciting, it was close to the beginning of my career.

Bear in mind, my time in college was the first time I had used the Internet (as we know it), and in between my limited experience at the time and the fact I had concerns about getting in trouble from the Navy for going to such a conference, I hadn’t mentioned it to many people for the rest of my time in. After serving, I had begun working my way up in IT Operations but didn’t think of going back to DEFCON, naively thinking it was a one-time thing rather than a yearly conference.

Years later I returned to DEFCON, now in its 19th year. A lot had changed for not only the conference but also the world as a whole. My experience had grown quite a bit, and at that time I had gone from doing technical support in the Navy, working my way up in various roles, eventually beginning to specialize in a role as a Systems Engineer responsible for supporting multiple Microsoft based platforms.

With a rekindled interest and a desire for more challenging work I started getting reacquainted with the community and immersing myself to gain as much knowledge as possible in addition to becoming an active participant in the community by attending and volunteering for conferences, contending in CTFs, and mentoring those willing to learn, and continuing to work on various topics of interest and sharing my experiences here.

"This is our world now... the world of the electron and the switch, the beauty of the baud.  We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals.  We explore... and you call us criminals.  We seek after knowledge... and you call us criminals.  We exist without skin color, without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike"

-The Mentor, Hacker Manifesto