if session["admin"] == True:
...
I don’t find myself embracing my “tech” side enough in Web research, but Windows research requires me to write code, compile binaries, play around with user/kernel space, and that makes me feel good when I do find something (Like an undocumented DCOM method to LFI, or Phantom DLL hunting).
Also, Happy New Year! And this shift would probably be my New Years resolution. A few certs I have in mind already:
- Active Directory
- All the stuff from Altered Security: CTRP, CTRE and CRTM
- EDR Evasion:
- Their new EDR evasion course https://www.alteredsecurity.com/evasionlab
- Wrap up on Malware Dev, and compile binaries for each of the techniques and possibly do an EDR bakeoff