
Polymorphic Compression Prepender Malware

For the past six months or so I have learned that I really enjoy reverse engineering malware (shout out to VirusShare.com). I thought to myself, “how hard can it be to make malware?” The answer is: pretty damn hard. I decided to start off small and try my hand at a compression prepender virus because it seemed pretty straightforward. For those who don’t know, a compression prepender virus is one that prepends itself to the host, compresses the host, and saves the binary in that order: the virus stub comes first, and the compressed original program follows it.
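To make the layout concrete, here is an added example (not the post’s own code) that builds a file in the order described above, stub first and zlib-compressed host second, and carves the original host back out the way an analyst would when unpacking a sample. The footer format, the `CPREP` marker, and the sample stub and host bytes are assumptions for this example; a real prepender needs some such bookkeeping so the stub can find the payload without scanning for a marker that might also appear inside itself.

```python
"""Compression prepender layout: stub | zlib(host) | footer (added example)."""
import struct
import zlib
from typing import Tuple

FOOTER_MAGIC = b"CPREP\x00"   # assumed marker for this example, not the original post's
FOOTER_FMT = "<6sIIII"        # magic, stub length, compressed length, original length, CRC32
FOOTER_SIZE = struct.calcsize(FOOTER_FMT)


def build_prepended(stub: bytes, host: bytes) -> bytes:
    """Write the file in the order the post describes: stub first, compressed host after it.

    A fixed-size footer at the very end records where each part lives, so the stub can
    locate the payload without searching for a marker (which could also occur in the stub).
    """
    compressed = zlib.compress(host, 9)
    footer = struct.pack(
        FOOTER_FMT, FOOTER_MAGIC, len(stub), len(compressed), len(host), zlib.crc32(host)
    )
    return stub + compressed + footer


def split_prepended(blob: bytes) -> Tuple[bytes, bytes]:
    """Recover (stub, original host) from a prepended file, refusing anything inconsistent."""
    if len(blob) < FOOTER_SIZE:
        raise ValueError("too short to carry a footer")
    magic, stub_len, comp_len, orig_len, crc = struct.unpack(FOOTER_FMT, blob[-FOOTER_SIZE:])
    if magic != FOOTER_MAGIC:
        raise ValueError("footer magic missing: not a prepended file")
    if stub_len + comp_len + FOOTER_SIZE != len(blob):
        raise ValueError("footer lengths do not add up to the file size")
    stub = blob[:stub_len]
    host = zlib.decompress(blob[stub_len:stub_len + comp_len])
    # Check both the recorded length and the CRC so a truncated or tampered payload is rejected.
    if len(host) != orig_len or zlib.crc32(host) != crc:
        raise ValueError("decompressed host fails length/CRC check")
    return stub, host


def is_prepended(blob: bytes) -> bool:
    """Triage helper: True only if the whole layout parses and the payload verifies."""
    try:
        split_prepended(blob)
    except (ValueError, zlib.error):
        return False
    return True


if __name__ == "__main__":
    # Constructed sample stub and host; the host only needs to look like an ELF here.
    sample_stub = b"#!/bin/sh\necho 'stub runs first'\n"
    sample_host = b"\x7fELF" + bytes(range(256)) * 8
    infected = build_prepended(sample_stub, sample_host)
    recovered_stub, recovered_host = split_prepended(infected)
    print(f"infected size={len(infected)} host size={len(sample_host)}")
    print("round trip ok:", recovered_stub == sample_stub and recovered_host == sample_host)
```

Because the stub is simply the first bytes of the file, an `ls -l` of an infected binary shows it growing by the stub plus footer minus whatever compression saved, which is the size anomaly a prepender writeup usually points at first.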

Eversec CTF - ever-sh: A Reverse-Engineering Challenge

This Saturday, the Clemson cyber security team, CU Cyber, and Tillson Galloway competed on one team at BSides Charleston. As with all Eversec CTFs, this was an awesome event with super fun challenges. As a binary nerd, I’d like to give a writeup of one of the few binary challenges. On the home page there was a challenge called evrs-sh. After downloading the binary, I ran a quick `file evrs-sh` and found that it was a 32-bit ELF.

Using TShark to Get Telnet Credentials

Telnet is a great tool. Maybe not for security, but remote administration is always good… right? Dr. Richard Brooks gave his ECE 4490 class lab time to demonstrate how Telnet passwords can be ripped from PCAP files. The task was to point out where passwords and user names were visible in the TCP stream. Pretty easy, right? Just right-click a Telnet packet in Wireshark and “Follow Stream.” Mackenzie Binns and I decided to take it up a notch and do some Bash scripting to output the username and password directly.
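The part that makes “output the username and password directly” more than a grep is that Telnet sends every keystroke in its own segment, the server echoes the username but not the password, and banners such as “Last login:” look a lot like the prompt. The following is an added example, not the authors’ Bash script, that reconstructs the credentials from tshark field output. The sample lines are constructed to mimic `tshark -r capture.pcap -Y 'telnet.data' -T fields -e tcp.srcport -e tcp.dstport -e telnet.data`; the hostname, ports and credentials are invented, and how tshark escapes control bytes in field output varies by version, so the parser accepts both raw CR/LF and the `\r`/`\n` escape form.

```python
"""Reconstruct Telnet credentials from tshark field output (added example)."""
import re
import sys
from typing import List, Optional, Tuple

TELNET_PORT = 23

# Constructed sample, assumed to mimic the tab-separated output of
#   tshark -r capture.pcap -Y 'telnet.data' -T fields -e tcp.srcport -e tcp.dstport -e telnet.data
# Ports, hostname and credentials are invented. Note the per-keystroke client segments,
# the server echo of the username only, and the "Last login:" banner after success.
SAMPLE_TSHARK_OUTPUT = (
    "23\t49152\tUbuntu 14.04 LTS\\r\\n\n"
    "23\t49152\tlab login: \n"
    "49152\t23\tb\n"
    "23\t49152\tb\n"
    "49152\t23\to\n"
    "23\t49152\to\n"
    "49152\t23\tb\n"
    "23\t49152\tb\n"
    "49152\t23\t\\r\\n\n"
    "23\t49152\t\\r\\nPassword: \n"
    "49152\t23\th\n"
    "49152\t23\tu\n"
    "49152\t23\tn\n"
    "49152\t23\tt\n"
    "49152\t23\te\n"
    "49152\t23\tr\n"
    "49152\t23\t2\n"
    "49152\t23\t\\r\\n\n"
    "23\t49152\t\\r\\nLast login: Sat Nov 12 20:01:10 on pts/0\\r\\n\n"
)

# A prompt only counts when it ENDS the server's output; "Last login: Sat ..." therefore
# does not open a capture window, while "Login incorrect\r\n\r\nlab login: " does.
LOGIN_PROMPT = re.compile(r"login:\s*$", re.IGNORECASE)
PASSWORD_PROMPT = re.compile(r"password:\s*$", re.IGNORECASE)


def unescape(field: str) -> str:
    """Turn tshark's printable escapes back into the control bytes Telnet carried."""
    return field.replace("\\r", "\r").replace("\\n", "\n").replace("\\t", "\t")


def parse_tshark_fields(text: str) -> List[Tuple[int, int, str]]:
    """Parse 'srcport<TAB>dstport<TAB>telnet.data' lines into (src, dst, data) rows."""
    rows = []
    for line in text.split("\n"):
        parts = line.split("\t", 2)
        if len(parts) != 3:
            continue  # blank line, or a packet that carried no telnet.data field
        rows.append((int(parts[0]), int(parts[1]), unescape(parts[2])))
    return rows


def extract_credentials(rows, server_port: int = TELNET_PORT) -> List[Tuple[Optional[str], str]]:
    """Walk the packets in order and pair each username with the password typed after it."""
    creds: List[Tuple[Optional[str], str]] = []
    expecting: Optional[str] = None   # "user" or "pass" while the client answers a prompt
    typed: List[str] = []
    username: Optional[str] = None
    for src, dst, data in rows:
        if src == server_port:
            if LOGIN_PROMPT.search(data):
                expecting, typed = "user", []
            elif PASSWORD_PROMPT.search(data):
                expecting, typed = "pass", []
            continue                      # echoes and banners are otherwise ignored
        if expecting is None or dst != server_port:
            continue
        for ch in data:
            if ch in "\r\n":              # Enter ends the answer
                value = "".join(typed)
                if expecting == "user":
                    username = value
                else:
                    creds.append((username, value))
                    username = None
                expecting, typed = None, []
                break
            if ch in ("\x7f", "\b"):      # backspace: drop the last keystroke
                if typed:
                    typed.pop()
            else:
                typed.append(ch)
    return creds


def credentials_from_tshark(text: str) -> List[Tuple[Optional[str], str]]:
    return extract_credentials(parse_tshark_fields(text))


if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_TSHARK_OUTPUT
    for user, password in credentials_from_tshark(text):
        print(f"username={user!r} password={password!r}")
```

Piping the real tshark command into the script (`tshark … | python3 telnet_creds.py`) replaces the constructed sample; the display filter `telnet.data` already drops the IAC option negotiation, so only typed bytes and server text reach the state machine.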

Implementation of `git-fuck`

It always sucks to mess things up when you’re trying so hard to be clever. Here’s the backstory: I was setting up a Gentoo machine, but all of my config files for i3, terminator, and fish were on my Arch laptop. I thought of a really slick solution: initialize a git repository and upload my config files to GitHub so that I’d have a back-up of them anywhere I go.

Reddit Recon-ng Module

Recon-ng is a Metasploit-like framework for doing reconnaissance on a person, company, or domain. It has nice features like running Google searches to find domains you might not know about, or searching password dumps for usernames and passwords. It is easy to set up, extremely powerful, and very extensible. The BitBucket link is here. The best part about the framework is how easy module creation is.

Porter-Gaud Cyber Security 2016

This year I founded the Porter-Gaud cybersecurity club. I had a lot of successes and a few failures during the year, so I wanted to share them with everybody. I decided to make the club because I knew there were at least four people who would participate, and I wanted to get others interested in security. I knew I would get a lot of help from Soteria, a Charleston-local company I work for, to teach the students.

Palmetto Cyber Defense Challenge

This weekend I competed in the Palmetto Cyber Defense Competition with the Porter-Gaud Cyber Security team. Eight teams competed: two were invited back from last year, and the other six were selected by finishing in the top six at CyberPatriot in South Carolina. This was the first year that PG competed in CyberPatriot, so it was also our first year at PCDC. Scoring for PCDC is based on two parts: services and business injects.