Hello World
Who Am I
I am Covert Corvus. My degree is in information security and digital forensics. My background is in network security. I currently work as a penetration tester with a focus on Active Directory environments. I have been consuming security content for years now and would like to finally contribute, be it ever so minimal, by starting this blog to help others starting like I did.
Please be aware, I am not an expert. I am just learning, like everyone else, and every aspect of this field is constantly changing. I will do my best to keep things factual and true, but know that I will make mistakes along the way, and that’s part of the learning experience. I have no misconceptions that this blog will be a work of perfection and I ask that you don’t either.
When I’m not working I enjoy hiking/exploring, gaming, using too many GIFs, and I bounce around between different hobbies. Lately that hobby has been taking iOS programming lessons in hopes that it will help my coding skills.
Why Blogging
I decided to start this blog for several reasons. First, I want to share information with like-minded individuals. This includes tools I’ve found, experience I’ve had through penetration testing, and current events related to cybersecurity. I will try to keep this information as factual as possible rather than only using this blog as a way to broadcast my opinions. I think this will help keep it true to its intended purpose.
Second, I want to solidify my learning through teaching. Teaching has always helped me cement concepts in my mind. I believe by writing posts about my experiences I can become a better cybersecurity professional. It will also help me keep track of what I’ve learned so I can look back on it later.
And lastly, because it’s difficult. I am intimidated about posting publicly because I feel there are people out there that are much more qualified than I am. Writing is not my strength. I know I’m going to be wrong sometimes. These things have kept me from participating in much of the social aspect of cybersecurity (Discord channels, Twitter, etc.). I would like to change that and this blog is one way I’m stepping out of my comfort zone.
I really like what Jason Blanchard from Black Hills said in this presentation:
You are not enough for everyone. You are enough for someone.
I believe that quote is this blog in a nutshell and has helped inspire me to start. This blog will not be for everyone. There will be those who are more advanced in their skills than me and there will be those who do not like my style of posting. But this blog is not for them, it’s for that one person that is looking for ways to learn, that benefits from the content I can bring them, and that is the audience I am going to focus on.
Blog Format
I plan to use this blog as a way to teach tools that have been useful to me, basic skills I think may be useful to others, and anything else I think would be relevant to someone learning alongside me. I don’t necessarily want the posts to be long, although some may turn out that way. This will make the posts more obtainable and save you having to skim 50 pages of meandering thoughts.
Some of these posts are going to have information that’s wrong; that’s just part of learning, unfortunately. So for that, I apologize in advance and welcome any corrections so I can update the posts and point out the errors to keep others from making them as well.
Post Content
Since I’ll be teaching myself from a year ago, I will be covering some basic skills, such as good sources for staying up to date, underrated skills, and more. Part of cybersecurity is not technical, it’s learning the art of gathering information. Whether you’re blue team, red team, or somewhere in the middle, the art of discovering is a vital skill in this field and something I wish I learned sooner.
Some of these posts will simply be filled with links and tips on how to use them. There are a lot of great resources already out there, but you may not have come across them yet. More than once I’ve stumbled across a guide or a GitHub project that has made me wonder how I got along without it for so long. I would like to share these for anyone who has not found them yet. Instead of writing a whole article that ends up being a watered-down version of the original post, I want to send you directly to the source.
I’ll also be posting tutorials and usage examples. These instructions and screenshots will be completed in a lab for privacy reasons, but may be a simulation of a real-world example I’ve encountered. One major gripe I have with material is how many labs contain examples with out-of-date hosts. These are usually machines running Windows XP or Windows 7 that have no firewall, anti-virus has been disabled, and the victim always falls for the links you send them no matter how sketchy they look. These types of examples have their place very early on in the learning experience to quickly and easily show concepts, but most of the courses I’ve been in never transition out of that phase. Sometimes it’s handy to turn off one feature, like antivirus, when showing off a tool that should be used in conjunction with other tools, but again, the tool should work for its intended purpose on a fully patched or near fully patched host or it’s not worth learning.
For the majority of examples, I will be using fully patched Windows 10 (or Windows 11) hosts or the latest Windows Server versions. I will leave the firewall enabled and strive to leave as many default settings in place as possible. If I ever do need to turn off a host firewall, disable anti-virus, or something similar I will specifically point it out and explain why I did that. For example, if I’m showing the capabilities of a new reverse shell, I may disable the anti-virus in order to not complicate the lesson by adding evasion steps.
Conclusion
I know there are many other blogs out there and I’m humbled you’ve spent time reading mine. Thanks for stopping by and please reach out to me if you have any questions, comments, or ideas for content you would like to see covered!