Swiz Security LLC

Welcome all, I hope you enjoy your stay!

Knowledge should be free, accessible to all, and in one place. The security community permitted me to be able to learn all of this, this is just me giving back.

This is the main place I will be documenting hacking, research, notes, my methodology, and experiences. In other words, welcome to my world.

I cover everything from:

• Binary Exploitation
• Reverse Engineering
• Malware Development
• Pentesting/Redteaming Methodologies
• Theory

I wanted to give a special thank you to Mr. Eltringham for always believing in me during my college experience. I could not have done it without you. I will forever keep your words of motivation and wisdom in the background with each professional decision I make going forward.

"You must have confidence in your competence."

~ Professor Russell

These notes are an excellent way for me to convey my knowledge, skill set, and a good way to share what I've learned through my experiences. I believe sharing my notes is a great way to give back to others since I would not be where I am without collaboration efforts from others.

Check this out 😄:

{% content-ref url="binary-exploitation/automating-ret2libc-got-and-plt-w-pwntools.md" %} automating-ret2libc-got-and-plt-w-pwntools.md {% endcontent-ref %}

{% content-ref url="binary-exploitation/return-oriented-programming-rop/rop-chains-101.md" %} rop-chains-101.md {% endcontent-ref %}

{% content-ref url="binary-exploitation/ret2libc/" %} ret2libc {% endcontent-ref %}

Within the last year, I made a switch from Pentesting to Vulnerability Research and couldn't be happier!

How would I compare the two?

I went from attacking computers from the view of a satellite to attacking them from the perspective of looking under an electron microscope.

A solid explanation of vulnerability research:

"We're the weapon that no one saw coming 😉".

We analyze software and hardware components for vulnerabilities and develop Proof-of-Concept exploits for them.

As of lately, I am strengthening my C and Python development skills to become a more competent developer. Want to keep track of my maldev progress -- check out my GitHub repo and my Malware Development page in my Gitbook!

Here I will be covering a bunch of binary exploitation:

{% content-ref url="binary-exploitation/binex-methodology-and-notes.md" %} binex-methodology-and-notes.md {% endcontent-ref %}

{% embed url="https://github.com/0xXyc/binex" %}

Check out my walkthroughs for the challenges below and let's learn together:

{% content-ref url="binary-exploitation/return-oriented-programming-rop/" %} return-oriented-programming-rop {% endcontent-ref %}

Also, be sure to check out my latest pwn challenge writeups from Hack The Box (HTB):

{% content-ref url="binary-exploitation/htb-pwn-challenges/" %} htb-pwn-challenges {% endcontent-ref %}

• A 5-day long assessment where you are tasked with conducting OSINT on a target, breaching a network externally and internally
• The ultimate goal is to become domain admin
• Lastly, you must give a 15 minute debrief to the TCM Security team

• Interactive environment with 27 flags and 14 hosts to compromise

{% embed url="https://github.com/0xXyc" %}