Discerning A Security Research Path: Part 1, Getting Started
A brief history about me is that when I started computing seriously was back in the ’90s when I was consumed with wanting to learn to hack into machines and networks. Additionally, I wanted to write virii because I thought they were cool, with the back and forth with antivirus software. That spark began my journey into BSD and Linux and learning programming languages (real hackers know how to code and use *nix).
So, I learned Linux and the BSDs and learned to program in several languages. Then I had mentors that guided me into being a sysadmin and software developer for web applications. I stayed there for 20 years and periodically longed to go back to my roots, regretting where my life was heading over time.
Then I decided to finally get back to my original joy in computing: hacking computers and networks.
The other piece that is missing is writing and designing virii. Virus development is mostly a relic of the past now, and it seems malware is the new virus world. I have no real interest in reverse engineering malware to help companies defend against it; I’m more curious about how the malware is designed and spreads, and I want to build my own. Note that my goal isn’t to infect the planet but to figure out how these malware programs are built.
That is part of why I am building a C2 software program in C. I want to learn how they are constructed and get good with C programming again. I’m also getting good with C as a future goal of contributing as a kernel developer to a BSD project.
This brings us to the present day, where I made it into the infosec space as a pentester. I get to break into machines, networks, and web applications (not excited about web applications, but it is a big part of pentesting). I’m a junior pentester, so I have to start from the bottom.
So, now I need to figure out how and where to get started with doing security research around malware.
I’m interested in all the techniques and particulars used in advanced malware. Nowadays, that seems to be ransomware?
I’m not terribly interested in ransomware because it seems like it is just a trick to make money or be a total asshole. However, I like the parts where it communicates with a C2, spreads, exploits, and the techniques to make reverse engineering difficult.
Not sure where to begin. I did get some pointers to where to find malware samples and source code for things.
I wish I had pursued a hacking career when I had the chance about 20 years ago. I can’t change the past, but I can change the future and present!
I also want to find critical flaws at the kernel level in Windows, Linux, or a BSD. Focusing on auditing drivers is probably a good idea. It would be nice to find a sweet privilege escalation path on one of those platforms. Perhaps a BSD or Linux, as it will aid me in getting closer to being a kernel developer? Uncertain.
I am still trying to discern what I want to do by connecting my inner passions and interests with what exists to work on. I need that drive when the work gets old or boring… I suspect that the research work on hard things could take months and may not produce anything… and I need to be OK with that and continue.