This is my way of learning things - by doing, following, tinkering, exploring, repeating and taking notes.
Do not take everything or anything in these notes for granted
Do not expect the notes to be exhaustive or to cover the techniques or the artifacts they produce in full
Expect mistakes in the notes
Always consult additional resources
At ired.team, I will explore some of the common offensive security techniques involving gaining code execution, code injection, defense evasion, lateral movement, persistence and more.
Most of these techniques are discovered by other security researchers and I do not claim their ownership. I try to reference the sources I use the best I can, but if you think I've missed something, please get in touch and I will fix it immediately.
The goal of this project is simple - read other researchers' work, execute some common/uncommon attacking techniques in a lab environment, do my own research and:
understand how various cyber attacks and techniques can be executed and how they work
learn about how malware is written
write code to further understand the tools and techniques used by attackers and malware authors
learn more about C++, Windows internals and Windows APIs
see what artifacts the techniques and tools leave behind on the endpoint
try out various industry tools for pentesting, coding, debugging, reverse engineering, malware analysis, and become more proficient in using them