Threat modeling is a cornerstone of proactive cybersecurity strategy, allowing organizations to systematically identify and address potential vulnerabilities before they become exploitable weaknesses. This structured approach helps security teams transition from reactive firefighting to strategic defense planning.

I can happy say that the final script for my zero trust book is complete and have been sent to Wiley for approval. Hopefully they will find everything is in order so we can move towards the next stage of getting the book published.

Malware analysis is the study of malware, aiming to understand its behavior. What sets malware analysis apart from other forms of reverse engineering is that malware typically tries to take control of a system. This is why it’s important to use an isolated environment separate from the rest of the network, ensuring that the malware doesn’t accidentally infect the entire network.

In this article, we will discuss how to solve the CSAW19 Beleaf challenge. The challenge involves finding the correct key (flag) from a given program. We will walk through the analysis of the program, the creation of a Ghidra script to help us find the flag, and the final solution. The program for this challenge can be found here: https://github.com/guyinatuxedo/nightmare/tree/master/modules/03-beginner_re/csaw19_beleaf

PDF documents are regularly exchanged by people, and for that reason also used by malware authors as a delivery method for their payload. Which is why it has taken the nickname payload deliver file. Opening pdf files within a chromium browser makes it harder for the payload to infect the system, because of the built-in sandboxing feature.

This is a short blog. Here are some of the techniques that have been developed as I programmed software and from reverse-engineered software, Some of these are Windows-specific.