It's been a while, I know. I've been busy with some more important real-world things that have kept me from posting writeups on my personal blog. This is also unfortunately not a writeup. This is about me passing the GIAC Red Team Professional (GRTP) test following
This one was pretty straightforward since I have a few years in a SOC under my belt. I skimmed the course and took the test, took about 15 hours of the 24 to pass. I think the test/cert is a great metric for competent SOC analysts, but can'
Cert 1 of 3 down for OSCE3. If you are looking for a course review or exam experience, I highly recommend John Hammond's video. OffSec Exploit Developers (OSEDs) have the skills and expertise necessary to write their own shellcode and create custom exploits from scratch. They can use
If you remember from part 2 of the writeup series, we left off with an instance of AppLaunch.exe created in a suspended state. I left some hints at what it was going to be used for. If you didn't pick up on it - spoiler alert - it's process hollowing. In this part, I'm going to work with...
RecordBreaker malware (AKA Raccoon Stealer V2) is reported to be a "full rewrite in C/C++" of Raccoon Stealer. The Racoon Stealer malware family is an MaaS (Malware as a Service) "product" available for sale in online black markets that is primarily reported to be a password/credential stealer.