It seems like ages since I wrote something that wasn’t shitty and boring. Some people on Twitter remind me every now and then of the fresh narrative style I like so much by linking to old articles that a Diego with more time and enthusiasm enjoyed writing!
Found this helpful over the past week researching WMI Event Subscriptions. Well written, easy to follow, and solid detection guidance. Thank you @darkQuassar — The Haag™ (@M_haggis) June 18, 2021
Tales of a Threat Hunter 2 https://t.co/D6bs2hP9aq
Apparently my small and humble research on WMI Persistence (which was only possible because it stood on the shoulders of giants) back at the beginning of 2018 was somehow useful to people.
A nice guy even said that it helped him quadruple his understanding, which of course is hyperbole, but it made me feel good anyway :) :
After quadrupling my understanding of wmi-based persistence by reading that blog, simultaneously experiencing intense imposter syndrome at how much I have to learn and feeling like a pro at how well I actually understood that incredible write up. — shoveleejoe and the PalidaN arrow (@shoveleejoe) June 19, 2021
My quest for the wisdom of the cybersphere started with eideon, which some book-wise people might have noticed makes reference to the Greek word eidos, which has meant many things over time, such as form, essence, and also idea. The latter is what I tried to capture in that blog: some sort of quantity of an idea, an eideon. One day, I might even develop yet another programming language around this concept.
Anyways, the adventures continued and I realized that eideon.com wasn’t enough; I needed a more structured way of organizing the knowledge that populates my mental universe. That’s when I decided to start writing an open-source-never-ending book on all things DFIR and Threat Hunting, which ended up captured in quasarops.com.
quasarops only captured the most sophisticated and refined version of the knowledge I wanted to develop. It was indeed a book in its very concept. But where would I put all my ramblings, short ideas, pointers, references, small script blocks, etc.? Well, I needed something more akin to a knowledge base. That’s how I entered the world of Wiki.js, Zettelkasten and, of course, Obsidian. And that’s how docs.quasarops.com was born.
However, for some reason both my book in quasarops.com and my KB in docs.quasarops.com were not assembled into one cohesive idea. Looping back to eideon, I decided to bring it all together in this very site you are reading!
My book is now a bit more refined, and adapted to a better format in the form of a Jupyter Book, where I can not only write markdown but also develop code itself as notebooks, and we all love notebooks. I decided to also use the book to express how my imaginative world depicts this journey of the past 7 years or so, and that’s why my open-source-never-ending book is now called The Way of the Cyber Warrior. You can check it here: https://theway.threathunterz.com
This website will also feature some CTF challenges and more content coming soon.
NOTE: I need to find an artist to start populating some of the imagery of the cyber warrior world!
I hope you enjoy this narrative and, perhaps in a few years, some of this content will be of use in your own journey towards wisdom in the cybersphere.
Have a great week! Diego