Hello and welcome!!
Since you are snooping around my site (as is your internet birthright!), you might as well get to know the man it features and how I came to be.

Growing up in South East Glasgow I was introduced to Cyber Security in high school and picked it as a subject (for a laugh) during my senior years (5th and 6th year in Scotland). I was fascinated by the concept of attack and defence over the internet. The sneaky, clever, and brilliant tactics deployed by the red and blue teams alike have obsessed me with the industry since my early teens. I left high school with barely any grades except for Higher Biology and NPA Level 6 Cyber Security and instantly jumped at the chance to learn Cyber in any way I could. I enrolled in an HNC Cyber Security and Networking course at the City of Glasgow College. I passed all the modules and achieved an A in my graded unit. I also passed and achieved my CCNA 200-301. I then enrolled in a BSc (Hons) Degree in Ethical Hacking at Abertay University, where I continued my studies and was allowed to study abroad in the United States for a year.
That is the academics, which is just the beginning. In my spare time, day in, day out, even in other classes, from the moment I was introduced to Cyber I was doing my experiments to test and see what the possibilities were and how far I could push technologies or find vulnerabilities in well-established software (such as Windows XP, 7 and 10 Home virtual machines), despite my lack of academic achievement at the time within computing science.

From my teenage years until now, I have conducted several experiments to explore different aspects of cybersecurity. Firstly, I installed Crouton, a lightweight Linux distribution, onto a 10GB Chromebook. With Kali-rolling and tools like Nmap, Burp Suite, and Metasploit installed, I could effectively run two operating systems simultaneously on the Chromebook, toggling between ChromeOS and Kali Linux with hotkeys.

Moving forward, I delved into Command and Control Frameworks, including Metasploit (yes, I know, but by definition, it is a C2 framework), Sliver, and Havoc C2, to assess malware's potential and limitations. I also experimented with ways to obfuscate payloads, aiming to evade detection by antivirus software. I also learned languages such as C# and C++, gaining insight into antivirus evasion techniques.

Further, I delved into advanced antivirus evasion techniques within memory. I studied how Metasploit's payload meterpreter employs a two-part stager approach to load malware directly into memory for execution. I recreated this process, starting with basic scripting in VBScript and PowerShell attached to Microsoft Word Macros and progressing to low-level memory techniques such as using named pipes for inter-process communication between malicious modules on victim machines. Additionally, I experimented with techniques like AES/ROT4 encryption/decryption of shellcode and utilising undocumented WinAPI functions such as SystemFunction032/033 to achieve similar results, as well as hiding shellcode within the .text or .rsrc sections of an executable.

Moreover, I explored more unconventional methods, such as extracting encrypted shellcode from images using steganography techniques or directly loading shellcode offered on a web server into memory for execution. These experiments allowed me to quickly figure out, with practical hands-on experience, what goes on on the internet, the strengths and impacts, and the limitations and vulnerabilities the defenders and attackers have when conducting their operations.

More recently, my focus has been heavily on malware development and Command and Control framework usage in combination with developing my Threat Intelligence skills. I look at the TTPs of well-known threat actors, gathering intelligence from places like Twitter or vx-underground (those guys are amazing) and attempting to replicate them in my home environment.

My Honours project was driven by my pursuit of knowledge in Cyber Security through personal experimentation: creating a realistic yet competitive Cyber Security Training environment that encompasses all elements of Security in a safe and unrestricted way, to explore how to conduct offensive operations and defend against them in the same context.

These are only a few of the Infosec-related experiments I have conducted over the last few years to understand Ethical Hacking better. However, I have also done other experiments that are very much IT-specific and not so much to do with hacking. These include creating a computing cluster using Kubernetes and Rancher; I used 4 Ubuntu Server 20.04 virtual machines connected on the same subnet in VMware. I then used Kubernetes k3s to link them together in a cluster. Finally, I used a 5th Ubuntu Server 18.04 running Rancher to control the cluster through a Web GUI. This allowed me to experiment with deploying containers dynamically across all 4 of these servers, deploying instances such as a matrix-synapse server for end-to-end encrypted messaging services and OpenMediaVault for NAS services.

The whole point of this website is to document my journey through the rest of my cybersecurity journey and my academic studies at home or abroad and to have them all in one place and public for all to see. So, I hope that if you have come here looking for help, a little light reading, or even to see what I am all about, you enjoy what I have posted here.

Thank you,

– Nekrotic