For a less technical post, I wanted to put into words what I managed to achieve in 2021 (on a personal growth level), and what I would like to do moving forward.
Last year, I feel, has been a pretty eye-opening one. I feel that working in a large organization gave me a very good sense of what fields of cybersecurity are out there. Sometime in August, I managed to pass the OSCP exam (what a ride that was!), and in November I passed the GREM certification from GIAC (that was much easier than expected, but still very informative). I think that, mainly, most of the growth I did was in the forensics/malware analysis area, and I’m happy about that. I think that’s what interests me the most, and definitely what I’d like to “specialize” in.
Some topics I’d like to cover in the coming months are:
- Forensics: while I have a pretty good sense of how to go about malware analysis, I feel like I’m pretty behind in forensics as a discipline, as a whole. Unfortunately, it’s quite hard to find good and affordable training out there. With some luck, maybe I’ll be able to take SANS FOR508 and the related GCFA certification.
- Memory forensics: this is just so cool! In all seriousness, I find memory forensics fascinating and I can’t wait to dive into it much, much deeper. Ideally, I’d like to be very comfortable with Volatility, and maybe also capable of writing some plugins myself. I’m currently reading “The Art of Memory Forensics” and getting a ton of good information and ideas.
- AV/EDR bypass, writing malware/red teaming tools: this falls into the part of offensive security that is close enough to software development to actually interest me. This material is largely covered in the Sektor7 training programs, which look really interesting and I will definitely do them sometime this year. It’s also part of the syllabus for PEN-300 (OSEP) from Offensive Security. The drawback is that this is a pentesting course, which also includes lots and lots of Active Directory. As much as I’d like to be OSEP-certified at some point, I can’t bring myself to do this yet.
And that’s about what I’ve set my mind to for these coming months. Starting with memory forensics, I’ll keep trying and document my progress here, although I am still unsure what I’ll do first.