Digital Forensics

It’s semester 2 2023 and time for my final subject in the UNSW Cyber Security Masters course, digital forensics run by Seth Enoka. I got to venture deep into Windows internals, including core Windows memory structures, subsystems such as prefetch and shimcache, NTFS file system internals and mechanisms including MFT analysis and much more. All this analysis was conducted using the following Linux analysis tools:

Tools

Yara: A pattern-matching tool used in malware research and forensic analysis to identify and classify files based on defined rules and signatures.

Information Assurance

Kicking off the 2023 University year I continue my journey into the Cybersecurity Masters program with the unit Information Assurance and Security run by Michael McGarity and Huadong Mo. It provides students with a deep understanding of the technical, management and organisational aspects of Information Assurance within a holistic legal and social framework. The course is essentially modelled off the CISSP certification, which dives into the following subjects:

- make a realistic assessment of the needs for information security in an organisation
- discuss the implications of security decisions on the organisation’s information systems
- understand the principles of writing secure code
- show an understanding of database and network security issues
- demonstrate an understanding of encryption techniques
- understand foundations of the tools and techniques in computer forensics
- show an appreciation of the commercial, legal and social context in which IT security is implemented
- apply knowledge gained to business and technical IA scenarios

Intro

Not a one size fits all approach.

Cyber Defence Operations

Semester 1 2022 has snuck up on me again. This semester as part of the UNSW and ADFA run Master of Cyber Security degree, I’m taking the blue team core unit ZEIT8026 Cyber Defence - Network Security Operations (SecOps) lectured by Dr Waqas Haider and Dr Nour Moustafa. Unlike its sister red team unit ZEIT8020 Cyber Offense - Cyber Network Operations (CNO) which I took in 2018, ZEIT8026 aims to lay the foundational knowledge of cyber defence operations:

Binary Similarity Analysis Technical Paper

An academic paper I authored in May 2019, as part of studying Reverse Engineering at UNSW.

Abstract

Extracting meaningful semantic differences between software binaries without source code is difficult. This is a challenging problem due to the overwhelming amount of syntactic noise that small changes can result in at the assembly level. Curiously when it comes to program semantics the “signal from the noise” can be distilled in a manner that is both static and processor agnostic, through the application of control flow and graph isomorphism analysis, symbolic execution and theorem proving.

Exploiting Heap Allocators Technical Paper

An academic paper I authored in October 2019, as part of studying Modern Exploit Development at UNSW.

Abstract

Heap-oriented exploits continue to be an ongoing threat, and have gained popularity post the stack smashing frenzy of the 90’s and early 00’s. Even so-called safe languages (e.g. JavaScript, Java) remain vulnerable due to their underlying C/C++ implementations. Heap allocator designs and implementations, of which there are many, struggle to strike the balance between performance and security, performance often winning out to keep programs running as fast as possible.