Posts Archive

Here are all the blog posts I’ve written so far.

• 2024/09/14 » Acquiring Malicious Browser Extension Samples on a Shoestring Budget (crypto)
• 2022/02/07 » Hunting for Persistence in Linux (Part 5): Systemd Generators (security)
• 2022/02/06 » Hunting for Persistence in Linux (Part 4): Initialization Scripts and Shell Configuration (security)
• 2022/01/30 » Hunting for Persistence in Linux (Part 3): Systemd, Timers, and Cron (security)
• 2021/11/23 » Hunting for Persistence in Linux (Part 2): Account Creation and Manipulation (security)
• 2021/11/22 » Hunting for Persistence in Linux (Part 1): Auditd, Sysmon, Osquery (and Webshells) (security)
• 2021/11/08 » Synack 2021 Open Invitational CTF Crypto Writeup (crypto)
• 2021/08/10 » DEFCON 29 Red Team Village CTF Writeup: Supply Chain Attack (security)
• 2021/06/05 » POC Exploit from a CVE: Apache Airflow 1.10.10 RCE (security)
• 2020/08/11 » DEFCON 28 OpenSOC Blue Team CTF: Lessons and Tips (security)
• 2020/07/08 » A gentle introduction to HDBSCAN and density-based clustering (stats)
• 2020/06/12 » U2F with Duo Web Phishable by default (security)
• 2020/05/28 » Bypassing LastPass’s “Advanced” YubiKey MFA: A MITM Phishing Attack (security)
• 2020/04/26 » Data Analysis for Cyber Security 101: Detecting Lateral Movement (security)
• 2020/01/17 » Understanding HDBSCAN and Density-Based Clustering (stats)
• 2019/11/04 » Time Complexity for Data Scientists (stats)
• 2019/10/08 » Data Analysis for Cyber Security 101: Detecting Data Exfiltration (security)