Agentic workflows for red teaming: doing more with less

I’ve been using agentic AI workflows in my security testing for a while now, and at this point I can say it’s the single biggest force multiplier I’ve encountered in offensive security. I’m not talking about asking ChatGPT to write you a Python script. I’m talking about orchestrated, multi-agent workflows with defined roles, custom skills, guardrails, and memory. Doing in a week what used to take a small team several weeks.

Lessons learned from a year and a half of privacy red teaming

I spent about a year and a half doing privacy red teaming at a large tech company. I’m not going to name them but if you follow me it’s not hard to figure out. What I will say is that it fundamentally changed how I think about security testing, and I think there are lessons here that apply broadly to anyone doing offensive security work, especially as privacy regulation and user expectations continue to evolve.

Cutter - A GUI for radare2

I’ve recently been using radare2 for a bit of reverse engineering and have used it a little bit in the past for CTF competitions. (Side note: scaleway.com is a great cloud/VPS service if you need an ARM-based server/machine for something like a CTF to analyze ARM binaries and do not have a Raspberry Pi, ODroid or similar ARM-based computer handy.)

I discovered Cutter recently, which has some instructions to compile it using cmake (also qmake but I had and used cmake).

Infosec Pivot

2018 came with a big transition for me, a new opportunity came up that allowed me to pivot into InfoSec full time. Without going into too much detail I’ll be doing a bit of offensive security. This is very exciting for me to say the least.

One of the things I am working on that I have had plans to build out eventually for some time is a home pentesting lab. I’ve managed to set up a multi-core CPU PC with about 32 GB of RAM. I’ve set up a virtual environment using KVM that I plan to be managing with RHEL-based tools. For now I’m using the Gnome Boxes and/or virt-manager. My plan is to simulate a fully functional environment of networked VMs to act as an attack range for both known and new exploits that I’ll use for practice or research.

CarolinaCon 2017

I worked another year as staff for CarolinaCon 2017. This year I helped run the hardware hacking village with my friends and fellow members of FALE, which was mostly if not completely used to assemble badges for the conference, which were Atmel-based hardware badges that communicated wirelessly with RF modules on the ~900+ MHz frequency range. The badges were designed by my friend melvin2001, whom I miss badly now that he’s moved across country. The code for the badges is located on the FALE GitHub.

CarolinaCon 12

I gave another talk for this year’s CarolinaCon 12 called “Never Go Full Spectrum Cyber”. For this talk I focused on mistakes “hackers” and even some InfoSec professionals have made and then a short summary at the end of OpSec lessons that could have prevented the mistakes covered earlier in the talk.

The talk slides are here. [UPDATE: The talk video is here.]

I referenced OpSec work and talks done by the grugq. You can find his site I mentioned in my talk at grugq.github.io. The grugq’s talk I also mentioned is called OPSEC: Because Jail is for wuftpd.

DefCon 23 and BSides LV

I’m still recovering from Vegas even a week later. So I’m just going to link a bunch of things you should check out and mention a few cool things that happened or that I saw.

  • PowerShell Empire - written in my two favorite scripting languages, may replace Meterpreter someday.
  • Modern Honeypot Network - build your own cloud based network of honeypots that feed results back into a centralized server.
  • HoneyDrive - an okay honeypot VM image (if you for some reason want to run your honeypot in VirtualBox or VMware)

I also put together a DarkNet badge, walked until my knee gave out, attended a lot of events. DefCon itself was overcrowded, I stayed out of the talks and main halls and focused on SkyTalks, and the villages and competition areas. The DefCon biohacking village was to me the most interesting new thing this year.

BSides Asheville 2015

Quick summary of a few cons I went to. I went to the ISSA conference in Charlotte earlier with FALE, but more recently I went to BSides Asheville as a volunteer. I also participated in their CTF with some Cha-Ha members, and we came very close to winning, but placed second. Some friends and I camped out instead of staying in a hotel, listened to bluegrass in a mountain bar and saw some talks, etc.

Defacement Page Design talk

My talk from CarolinaCon is up.

This is not a professional talk, by any means, it was a humorous one, at a hacker con, meant to be somewhat entertaining, delivered late at night. Some of the sites displayed contain profanity, etc. I use some profanity in the talk as well. People liked it, one person told me it was their favorite talk which shocked me. The slides are here.

Talk at CarolinaCon

I will be attending CarolinaCon again this year with FALE since we are running the LockPick Village. The big difference this year will be I am giving a talk as well. This will be my first talk at a conference of any kind.

Unless something changes I’m scheduled Friday night (Mar 20th) at 10pm. Giving a talk at all was almost unexpected and only came about because they had extended the call for papers by a few days when not enough talks were received. I and several of the FALE members rallied for more speakers online and submitted our own talks. Mine was completely off the wall and related to a treasure trove of terrible but funny defacement pages I’d discovered. I hope to give an account of defacement pages, a short history of them, and deconstruct them with humorous results. I was surprised when it was actually accepted, especially since a lot of talks were submitted and some rejected.
