Posts

Showing posts from 2018

08 - FLARE-ON 2018

Image
The 2018 FLARE-ON Challenge
I've been trying to write two posts per month, though it's been faltering lately, obviously.  Over the past few days / week, I've been working on the FLARE-ON challenge, so my attention hasn't really been on blogging, but I thought I'd take some time to make a placeholder for when the current FLARE-ON challenge ends-- then I can freely blog about the challenges and how far I got. 
In the event you haven't heard of FLARE, it's an acronym for FireEye Labs Advanced Reverse Engineering.  Apparently this is the fifth year this challenge has run.  I'd never heard of it until recently, but it looked fun and so far it has proved to be entertaining, as well as quite challenging.  I'm not really well versed in RE...  I'm interested in it, more for the exploit dev side of things than malware analysis, but more or less I'm just trying to get better at it.  Little CTF challenges like this one are a great time and help stretch t…

07 - Just Another OSCE Review

Image
CTP and the OSCE
"The OSCE exam is really hard" 
                  - Everyone, probably
As anyone who has attempted an OffSec certification knows, they're hard as nails.  I've taken the OSCP and now the OSCE, so I can attest to their difficulty.  I'm also not the type of person who can just "pass" these tests.  I took the OSCP multiple times, consistently overthinking the solutions to tasks that, once solved, were much simpler than I initially thought.  I also took the OSCE exam twice, with a month's separation between exams, so I'm no savant.  
One of my coworkers inquired if I'd write a blog post about how I prepared, and how I went from OSCP to OSCE.  What I did, resources I used, etc.  As far as a prep guide goes, I think you'd be better off looking elsewhere.  This has a lot of info in it, but I'm not going to talk about what you should and shouldn't focus on to pass the test, that's not the point.  This post is more or les…