
Utilising EDR Tests to Enhance Threat Detection
Adversary emulation has been a really popular activity in organisations lately. It detects security holes in the organisation’s network and is generally a fun activity to do. In this post, we will look at a blend of EDR tests, adversary emulation, and enhancing threat detection.

Formatting your Hard Drive isn't Enough
We’ve all been there, you want to sell your laptop, old PC, or even your hard drive. Then, you recall reading somewhere that data can be recovered from drives even after they’ve been formatted… and, well, of course it can! You look it up on the internet and find not less than seven local businesses and over a hundred global ones that claim to re...

Tracking Changed My Life!
First, the backstory. Growing up, I had quite a bit of difficulty understanding what made me happy and what did not. My definition of “happiness” changed over the years; however, the mystery always remained: What are the things that actually make me happy? Is it achieving things? Is it sitting back and playing videogames all day? Is it going out...

Sysmon EID 27 Bypass
Sysmon version 14.0 was released on the 16th of August 2022. The new version introduces a new Event ID: 27 FileBlockExecutable. It is kind of new for Sysmon to block something from happening completely. So, it was interesting to think of a way to bypass it!
I came across this post by Olaf Hartong. In this post, Olaf was previewing the new event...

There is No Single Roadmap
Here’s a very common misconception for beginners in the fields of technology: There is a single roadmap that you should follow in order to become successful or get a good job and not become the average Joe. This “single” roadmap differs so widely between people and subfields of the tech industry, that you can’t even find THE roadmap everyone is ...

Variadic Functions & stdarg.h
If you’ve ever programmed using C or C++, you’ve probably come across the function printf(). It’s a very popular function, and all C/C++ coders have seen it before.
printf (short for print formatted) basically prints formatted data to standard output (STDOUT). The function does so by using its format parameter, and the variables you want to p...

Reverse Engineering Writeup: ASCWG Finals 2020
Arab Security Cyber Wargames Finals 2020 was held on September 12th in Nile Ritz Cairo.
Photo Credit: Arab Security Conference.
This time I was the author of three of the five challenges presented in the finals. Here are the writeups for them.

Who Moved My Cheese?
We’ve all seen how 2020 is a very different year compared to the years of the last decade.
Even after things get back to “normal”, they just won’t be the same. That is due to a lot of changing factors around us that we can’t directly control such as the economy, the political scenes, and a lot of others. We’re unable to predict what will happen...