My Professional Goals For 2021

For 2021 I want to work on improving my technical capabilities in areas where I am lacking. I chose to work on Windows internal network pentesting with AD, malware authoring/understanding, and public speaking.

  • Certifications: CRTP, CRTO, and possibly OSEP.
    • CRTP delayed, moving on to CRTO in June 2021, and still unclear if I’ll start OSEP in 2021… perhaps in Q1 2022?
  • Skills: C2 programming, Windows AD, and public speaking.
  • Extra: in-real-life cons and meetups.
    • No real-life cons for 2021.

Progress Log

  • 2021-01-12: going through a free AD course on YouTube, the 70-640 Active Directory Course (older course covering 2008 R2, but still applicable).
  • CRTP
    • 2021-01-15: booked the Bootcamp for Feb 6 (4 weeks) for CRTP.
    • 2021-02-06: started the Bootcamp for Feb 6 (4 weeks) for CRTP.
    • 2021-03-15: I didn’t finish the lab exercises and notes for the CRTP Bootcamp, so purchased extra lab time to complete them. Will finish by 2021-04-05. Additionally, I may skip CRTO and go right into OSEP.
    • 2021-04-03: Due to not spending enough time on the CRTP lab for the last 2 months, I had to buy another month. I was spending time on other learnings when I should have been hitting the CRTP lab hard. I didn’t put in the time, but will now. I’m planning on taking the exam at the end of April.
    • 2021-05-03: Well I didn’t make time for it the last month, either. So, booked for another month. Just how it is. I didn’t learn a ton of other things though, including the Go programming language.
    • 2021-06-04: OK, calling it for now. I just have some sort of mental block on CRTP that prevents me from finishing it and I’m moving on to CRTO.
  • CRTO
    • 2021-06-07: Ordered the CRTO course, 90-day lab, and exam attempt. Posted a tweet about it. I start on June 12 at 12 PM ET. Excited to begin, it is going to be a difficult 90 days!
  • Public Speaking
    • 2021-07-07: Spoke and presented at my local DEF CON 610 group, “Scrub to Professional Scrub”. It is a continuation of a previous talk I did, “Zero to Scrub in 90 days”. Both talks focused on hopefully motivating people to get started and dive into offensive security and hacking.

Certifications

I like the idea of certifications because I force myself to learn things for a respected end goal, using the training supplied for the cert. Thus, learning the skills is more important than the letters.

CRTP

Pentester Academy’s Certified Red Team Professional (CRTP).

I lack Windows Networking and Active Directory proficiency, so this certificate directly works to fix that.

CRTO

Zero Point Security’s Certified Red Team Operator (CRTO).

I like this certificate because it enhances CRTP skills around Active Directory by including more Red Team things and Windows Network assets and technology.

OSEP

Possibly Offensive Security’s OSEP.

I like this certificate because it expands upon the other two certificates even more and should wrap up a foundational skillset around Windows internal network pentesting, especially with some perspective for writing/understanding malware on Windows and Windows networks.

I am not sure if I’ll have the resources or time required for OSEP in 2021.

Skills

While there is much more to learn, I have decided to limit myself to the things below. C2 and C programming mostly for me, Windows networking and AD mostly for work, and public speaking for both.

C2 Programming

I want to finish most programming for my Violent Fungus C2 project, bringing me up to speed with the C and C++ programming languages.

This project aims to learn to build a C2 (Command and Control) server and agents for Windows, Linux, and FreeBSD. Additionally, there are some other goals such as getting better at C and C++ programming (it has been a long time), using ICMP and other protocols for unintended purposes, writing Windows agents to evade detection, and joining in the fun of everyone else building C2 software.

Almost a spec here https://attack.mitre.org/tactics/TA0011/; it would be cool to support most of the things there. I don’t know how to do things yet, but having a project is a great way to figure it out!

Note that I am not interested in how other C2 projects work right now. I want to do a clean implementation without biases other than how I read the spec, what I’d like to do, and how I think things should work, having worked on the blue side before.

Windows Active Directory

Note that the certs for this year are also tied to this skill and Windows networking. I need to fill this gap in ability for my penetration testing and red team work.

I’ve avoided Windows stuff for most of my career, and now I’m playing catch-up.

Public speaking/presenting

Basically, start speaking at cons, meetups, and the like. Probably join Toastmasters and start submitting talks to cons/meetups. The goal is to get over my fear of doing it and hopefully provide value to at least one other person.

Extra

In-real-life conferences and meetups

This is obviously dependent on where things stand with COVID-19 restrictions. I mainly want to meet with folks I know via Twitter and other places, conversing face-to-face and developing those friendships.

Here are some that come to mind.

  • Dallas Hacker’s Association meeting: Hopefully in 2021 I’ll be flying to Dallas for several days.
  • DC610 meetups again: Officially back in real life in June 2021! I wasn’t able to make the June one, but I will be at the July one and others after.
  • REcon: canceled in 2021, yet will be back in 2022!
  • Defcon: not canceled for 2021, but I’m not going there. I did get a virtual ticket which I don’t care much about. Being with friends is the key value point there.
  • Lobbycons somewhere?