assembly and RE vs expanding into C2 creation / learning
#1
Hi-

I'm not necessarily lost here, I'm just looking for other people's perspectives with this.

So it's probably evident by now that I like working with malware and while I'm new to the scene it's starting to make sense. A couple weeks ago I was on the verge of looking seriously into mobile malware centering on Android dev and JSON, but I have no experience with either of those things. Now to be clear, it's not like I couldn't learn those things, it's just that what I'm focusing on currently is more than enough. What I mean to say is that from that experience I learned that "working with malware" for me specifically means working with C and assembly and reverse engineering. Nothing more (at least for the foreseeable future). There's more than enough for me to learn within that alone. Never mind I'm still just starting to grasp the fundamentals.

Now, without going into too much detail, I feel it's necessary for professional reasons to augment what I know about networking, which is paltry at the moment. To that end, I thought "ok - I'll make my own C2 server from scratch and have it infect one of my machines etc." I had an idea to document everything in terms of the CIA triad, the OSI model, and where applicable, the OWASP top 10. I configured a dedicated router. I dedicated one of my laptops as my server, implementing best practices for hardening a server (separate user, firewall, etc. - something I've never done before). I created my own simple TOR hidden service (something I definitely want to explore later) thinking I'd use that as my C2... My point is that the more I got into this the more work I realized it was. I guess maybe I was in miniature inadvertently trying to do what a ransomware group would do by myself. Maintaining the server, making sure the traffic was encrypted, thinking about some kind of steganographic means of delivery, etc.

Should I continue attempting to build this C2 experiment, or should I just focus on the world of C and assembly? My inclination is the latter. Again, it's not that I'm not capable of doing both, it's just that it's apparently a lot of work. Cybersecurity and working with computers for me is like pressing my eyes into some kind of infinite fractal where it just goes on and on. Yes, I know that no one person can know it all.

Again, any opinions about this would be helpful. And just out of curiosity for those inclined - What's been your experience with learning and applying new skills, especially when trying to get hired for a position? While I do think I'm a resourceful and persistent individual, sometimes I feel like either a complete idiot when working on things and/or that I'm going to be a mummified skeleton at my keyboard before I see tangible results. Am I insane? Do others experience this? Discuss.


Thanks for taking the time to read this,
neftis


Messages In This Thread
assembly and RE vs expanding into C2 creation / learning - by neftis - 09-20-2021, 09:57 PM
