Senior Research Analyst
Kevin has 5+ years of experience in information security positions in both the public and private sectors, focusing on both offensive and defensive security. During this time, he focused mostly on software development, pen testing, adversarial emulation, and reverse engineering.
Education & Certifications
BS in Computer and Network Security from Dakota State University.
Passion for Security
Kevin has had a passion for security since college, when he started learning exploit development outside of class in his spare time. That started him off on a path to learn additional complicated topics. Now he enjoys solving difficult problems, spending time in a disassembler, and learning how different binaries work.
Recent Blog Posts
In this blog post, I will discuss SELinux and Auditd, how to use them, how to determine what the default policies are doing, and how to add new ones. For those who do not know what SELinux is, it stands for Security-Enhanced Linux. More details about SELinux can be found in the resources section at...
Windows in-memory injection is commonplace in current toolsets. There are quite a few methods to do it, and most of them are documented pretty well. Linux in-memory injection is essentially the same; however, it is not seen in toolsets quite as much. That is why, for this post, I am going to cover four different open-source methods...
While going through APT write-ups, I’ve been noticing a lot of focus on detecting Windows malware, so we will skip over that. One thing that I haven’t seen much of online, though, is how to hunt for adversaries on Linux systems. For that reason, this blog post will be all about how you can look...