Before the course and the registration procedure, there was a challenge that had to be overcome.

The so called FC4.Me Challenge.

This challenge is a short Web Application Security challenge designed to show that if you can't complete this, then you shouldn't attend the course yet but instead focus on sharpening your skills. The problem is however that the exam hardly focuses on skills like this though both software exploitation and web application security are 2 topics...

For the past few months I've been doing the CTP course by Offensive Security (offsec.com) and to begin with I had no idea how hard it might be, nor do I have any certifications. I only have experience from a SysAdmin education, many years of self-study, a few internal vulnerability assessments at various companies and some free security consulting for mostly major clients regarding Web Application Security.

Anyway I couldn't wait to get started with the course, so I read all the information...

While doing a course from Offensive Security (Cracking the Perimeter) which has been a real eye-opener into
Assembly and deep into overflows, I've also dug into Anti-Virus applications to put some of them to the test.

At first I created a "blackpaper" about bypassing signature based AV-scanners, with a bit more advanced
encoding techniques than the ones used in a particular video starring Mati Aharoni aka Muts from the well
known Offensive Security firm....

Recently, the company I'm working at has gone crazy with re-implementing old policies and even introducing new, about security that is.

I am however merely just employed as a dumb support agent, meaning I have nothing to say besides asking questions which they've apparently used to classify me as a potential security threat.. Not 100% sure about that, but I did randomly eavesdrop that there was someone or something that they thought was a potential security threat. Anyway, that isn't...

So, it has been sometime since my last blog and I had begun to wonder what I should blog about next. Nothing epic, just some real life stories about how people tend to brag and afterwards phail. Yes, phail with ph cause it's computer related and it's amazing at how much phail can occur in some periods.


[The events in this blog has been slighty edited to leave out real names and such.]


Part I

So, I guess some individuals have heard about the HTML-programmer...