Senior Research Analyst
Kevin has 5+ years of experience in information security positions in both the public and private sectors, focusing on both offensive and defensive security. During this time, he focused mostly on software development, pen testing, adversarial emulation, and reverse engineering.
Education & Certifications
BS in Computer and Network Security from Dakota State University.
Passion for Security
Kevin has had a passion for security since college, when he started learning exploit development outside of class in his spare time. That started him off on a path to learn additional complicated topics. Now he enjoys solving difficult problems, spending time in a disassembler, and learning how different binaries work.
Recent Blog Posts
Have you heard of the new Beacon Object File (BOF) hotness? Have you ever thought that you should be able to run those outside of Cobalt Strike? Well, if that’s the case, you came to the right place. In this post, we’ll go through the basic steps of understanding and building an in-memory loader...
In this blog post, I will discuss SELinux and Auditd, how to use them, how to determine what the default policies are doing, and how to add new ones. For those who do not know what SELinux is, it stands for Security-Enhanced Linux. More details about SELinux can be found in the resources section at...
Windows in-memory injection is commonplace in current toolsets; there are quite a few methods to do it, and most of them are documented pretty well. Linux in-memory injection is essentially the same; however, it is not seen in toolsets quite as much. That is why, for this post, I am going to cover four different open-source methods...