Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Code Execution Inside PID 0

Achieving kernel-level code execution in the System Idle Process by hooking power management routines in nt!PoIdle.

https://archie-osu.github.io/2025/04/13/powerhook.html

#KernelExploitation #WindowsInternals

Code execution inside PID 0

A few days ago, a seemingly random thought came up in the back of my mind. On every system, there’s a process whose Process ID is 0. This process is called the System Idle Process, and contains threads that execute when no other thread is ready to run on a given processor.

Archie’s reversing diary
Introducing Early Cascade Injection | Outflank Blog

Get an introduction to Early Cascade, a novel process injection technique that is effective against top tier EDRs while avoiding detection.

Outflank

Windows Internals Basics: Understanding the Inner Workings of the Operating System

Windows internals is a fascinating field of study that delves into the inner workings of the Windows operating system. It encompasses various components such as the kernel, device drivers, processes, threads, memory management, and file systems. By understanding these fundamental concepts, you can gain insights into how Windows manages resources, handles hardware interactions, and executes user applications.

Full Read - https://www.knowcybersec.today/2024/03/windows-internals-basics-understanding.html

#cybersecurity #windowsinternals #basics #windowssecurity

Does anyone have a recommendation for learning about #windowsinternals?

TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

TryHackMe

I wrote a thing for work! Microsoft are introducing a new type confusion bug class mitigation called CastGuard, as part of the MSVC++ compiler.

Right now it's still undocumented & unreleased. I stumbled across it by accident while looking at the Load Configuration directory in PE files, and ended up going down a deep rabbit hole of reverse engineering the entire feature and discovering all the hidden compiler flags and language keywords.

https://labs.nettitude.com/blog/preventing-type-confusion-with-castguard/

#cpp #windowsinternals #security

GitHub - snowcra5h/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,...

GitHub

Guest lecture on Windows Internals (aimed at total beginners), given at the Ruhr-Universität Bochum: https://www.youtube.com/watch?v=I_nJltUokE0

#windowsinternals

Windows Internals Crash Course

YouTube