#windowsinternals — Public Fediverse posts

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

(good reading) Introducing Early Cascade Injection: From Windows Process Creation to Stealthy Injection:

https://www.outflank.nl/blog/2024/10/15/introducing-early-cascade-injection-from-windows-process-creation-to-stealthy-injection/

#codeinject #reverseengineering #programming #windowsinternals #cprogramming #informationsecurity #cybersecurity

I wrote a thing for work! Microsoft are introducing a new type confusion bug class mitigation called CastGuard, as part of the MSVC++ compiler.

Right now it's still undocumented & unreleased. I stumbled across it by accident while looking at the Load Configuration directory in PE files, and ended up going down a deep rabbit hole of reverse engineering the entire feature and discovering all the hidden compiler flags and language keywords

https://labs.nettitude.com/blog/preventing-type-confusion-with-castguard/

#cpp #windowsinternals #security

Windows API Function Cheatsheets: https://github.com/snowcra5h/windows-api-function-cheatsheets

#windowsapi #cheatsheet #windowsinternals #malwareanalysis #reverseengineering

Windows API Function Cheatsheets: https://github.com/snowcra5h/windows-api-function-cheatsheets

#windowsapi #cheatsheet #windowsinternals #malwareanalysis #reverseengineering

Windows API Function Cheatsheets: https://github.com/snowcra5h/windows-api-function-cheatsheets

#windowsapi #cheatsheet #windowsinternals #malwareanalysis #reverseengineering

Windows API Function Cheatsheets: https://github.com/snowcra5h/windows-api-function-cheatsheets

#windowsapi #cheatsheet #windowsinternals #malwareanalysis #reverseengineering

Windows API Function Cheatsheets: https://github.com/snowcra5h/windows-api-function-cheatsheets

#windowsapi #cheatsheet #windowsinternals #malwareanalysis #reverseengineering

Windows Internals : Understand System Service Descriptor Table or #SSDT
#windowsInternals #ntdll #win32api

https://github.com/Faran-17/Windows-Internals/blob/main/System%20Architecture%20and%20Components/System%20Service%20Descriptor%20Table.md

:twitter:​ finally seems to be flat-lining, trying out this new mastodon thing...

#introduction, for peeps I've not met prior via my bird app handle @ntpopgetdope. I'm a vulnerability researcher that's worked in the industry professionally for >4yrs

My background stems from an obsession with #windowsinternals & the vastly underrated 'HAL.dll'. These days I'm into baseband vuln research working on obscure hardware, architectures & attacks. Love chatting about all things:
#fpga #uefi #baseband #faultinjection #openhardware #embeddedelectronics #pcbdesign and #cats !

Currently with the @InterruptLabs crew, a boutique vulnerability research & exploit development firm in the UK.