introduction
hiya~~
i'm ali.m - researcher by day, hacker by night.
this space contains fragments on hacking.
feel free to reach out to me if you have anything to share or questions to ask.
fragments on hacking
exploring cobalt strike ttps
exploring a C2 server used in the wild, cobalt strike, during my CRTO course preparation.
ttps explored include domain recon, privilege escalation, lateral movement, user impersonation,
credentials, kerberos, ADCS, group policy, MSSQL, MCM, domain trust & dominance.
cryptostealer reverse engineering
reverse engineering of an in-the-wild crypto stealer. dives into initial access, persistence,
creation of scheduled tasks, data exfiltration, C2 communication and theft of crypto from
browser-based crypto wallets & crypto applications.
trivial pdf decoy for persistence
guide on creating a shortcut pdf decoy file that appears normal but executes malicious code.
includes a more sophisticated example that replaces the decoy so it appears as if a real pdf was executed.
in-depth analysis of my first malware binary
in-depth static and dynamic analysis of a chinese-linked malware sample that uses Cobalt
Strike beacons. shows my struggle with reverse engineering too ;_;
zerologon packet analysis
packet-by-packet zerologon exploration through wireshark and microsoft documentation.
investigates a security whitepaper, key microsoft windows functions and bad cryptographic habits.
tiny wardriver
tiny embedded wardriver using an esp32 (2.4GHz) that discovers nearby wireless networks and records
ssid, signal strength, encryption protocol, longitude, latitude, altitude, date and time.
uses: esp32, neo-6m gps module, 4-pin push button, ssd1336 display, arduino, bash scripting.
contact
for any inquiries or questions, please contact me at <ash.ali@und.edu>