introduction


    hiya~~

    i'm ali.m - researcher by day, hacker by night.
    this space contains fragments on hacking.

    feel free to reach out to me if you have anything to share or questions to ask.
    

fragments on hacking

    exploring cobalt strike ttps
                exploring cobalt strike, a C2 framework used in the wild, during my CRTO course preparation.
                ttps explored include domain recon, privilege escalation, lateral movement, user impersonation,
                credentials, kerberos, ADCS, group policy, MSSQL, MCM, domain trust & dominance

    cryptostealer reverse engineering
                reverse engineering of an in-the-wild crypto stealer. dive into initial access, persistence,
                creation of scheduled tasks, data exfiltration, C2 communication and theft of crypto from
                browser-based crypto wallets & crypto applications.

    trivial pdf decoy for persistence
                guide on creating a shortcut pdf decoy file that appears normal but executes malicious code.
                includes a more sophisticated example that replaces the decoy so it appears as if a real pdf was opened.
    
    indepth analysis of my first malware binary
                in-depth static and dynamic analysis of a chinese-linked malware sample that uses Cobalt
                Strike beacons. shows my struggle with reverse engineering too ;_;
    
    zerologon packet analysis
                packet-by-packet zerologon exploration through wireshark and microsoft documentation.
                investigates a security whitepaper, key microsoft windows functions and bad cryptographic habits.
    
    tiny wardriver
                tiny embedded wardriver built on an esp32 (2.4GHz) that discovers local area networks and records
                ssid, signal strength, encryption protocol, longitude, latitude, altitude, date and time.
                uses: esp32, neo-6m, 4-pin push button, ssd1336 display, arduino, bash scripting.
    

contact

For any inquiries or questions, please contact me using <ash.ali@und.edu>