Title: My OSCP Journey
OSCP (Offensive Security Certified Professional) is an entry-level certification by Offensive Security that recognizes a person’s skills in penetration testing techniques and methodologies. In this talk, Jia Le will be sharing his experience in tackling this notoriously difficult and hands-on certification.
Read more about the certification here: https://www.offensive-security.com/pwk-oscp/
Tan Jia Le is a Year 2 Information Security student at the National University of Singapore (NUS) and a member of NUS Greyhats. He has a keen passion for penetration testing and had obtained the Offensive Security Certified Professional (OSCP) certification earlier this year. During his free time, he enjoys following security trends on Twitter and reading about security research findings. He also participates in Capture-The-Flag (CTF) competitions and focuses towards web challenges.
Title: So you want to be a Malware Reverse Engineer (RE) ?
A sharing of tips/lessons gathered from a 5 year old malware RE.
Do you know what to do when you receive a piece of binary? How can you tell if it’s malicious? What are the steps taken to analyze this binary? What are the tools and techniques you can apply to examine this binary? What pitfalls to avoid and overcome with some of these static and dynamic analysis tools? How do you go about extracting the IOCs(Indicators of compromise) from the binary? Many tools can be utilized to dissect malware, but do you know which is the most important and how to take care of it.
The talk will focus on Windows PE but the techniques could also be applied to other file formats. There won’t be anything that is tied to a particular malware family but the content of the talk is gathered from the lessons learned while ‘dancing’ with malware samples.
Mark is a malware reverse engineer since 2017. His job requires him to comb through tens of binaries every week. He focuses on taking apart malware to determine its evasion techniques and IOCs. He has to analyze binaries of multiple formats e.g. PE, ELF, Mach-O, doc, pdf.
To him, every piece of binary has a story waiting for a malware reverse engineer to tell it.