
Passed my GCIA GOLD Certification!

LionelTeo Member Posts: 526 ■■■■■■■□□□
I have finally passed my GCIA GOLD! You can read the white paper here: http://www.giac.org/paper/gcia/8966/learning-dridex-malware-adopting-effective-strategy/128882

I thought long and hard before going for my GCIA GOLD. Taking up the GOLD certification was a tough decision, as it wasn't in my schedule. After thinking it through, I figured that I should do it. The reason being that I had discovered something from analysing malware callback traffic that the security community had not discovered yet, hence I decided to write it down and claim my research work before anyone else did. In addition, I had been working on analysing pcaps using various command line tools and not just Wireshark; this is another area that very few people actually practise.

By writing this white paper, I am able to claim two (and a half, technically) areas of pcap analysis that are exclusive to me: using packet byte characteristics to identify malware traffic, and doing pcap analysis via the command line. It also includes the research regarding malicious usage of certain HTTP fields that malware uses to hide traffic. Although there is analysis work out there that had identified the malicious object dropped from the use of this field, it hasn't been extensively covered yet. My white paper would be the first endorsed article that covers the malicious use of this HTTP field by malware.

By having the white paper endorsed, I can confidently claim the accuracy of my analysis of malware callback traffic, with a reference: Identifying C2 Traffic by Packet Bytes ~ Welcome to Gravity Sec!

I also got to work with my advisor, who is a GSE certification holder, Angel Alonso Parrizas.

If anyone has any questions regarding doing the gold certification, feel free to drop them on this thread and I will try my best to answer.

Comments

  • iBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    Congrats on your huge achievement!
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response
  • cyberguypr Mod Posts: 6,928 Mod
  • Rumblr33 Member Posts: 99 ■■□□□□□□□□
    Congrats and well done. This was a good read about your analysis and Dridex.
  • JoJoCal19 Mod Posts: 2,835 Mod
    Congrats! That's quite the achievement!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • cgrimaldo Member Posts: 439 ■■■■□□□□□□
  • Mike7 Member Posts: 1,107 ■■■■□□□□□□
    Congrats on your massive achievement
  • twodogs62 Member Posts: 393 ■■■□□□□□□□
    Congrats, exciting!!!! Good job!!!!
  • sap1437 Registered Users Posts: 2 ■□□□□□□□□□
  • URG_PSH_FIN Member Posts: 33 ■■□□□□□□□□
    Way to go!
    MS in Information Assurance - Regis University

    2018 Goals - [ ] GSE Lab [ ] OSCP Enrollment
    Late 2018-Early 2019 Goals: [ ] RHCSA [ ] RHCE
  • E Double U Member Posts: 2,229 ■■■■■■■■■■
    Congratulations!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • DAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • OctalDump Member Posts: 1,722
    Congratulations. It's great for you to be able to contribute something significant like this to the security community.

    I have a question, though. What does Gold get you apart from kudos? Presumably, if it was published elsewhere, you could still get the kudos without the $499 price tag.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • LionelTeo Member Posts: 526 ■■■■■■■□□□
    The 499 price tag can be claimed from my company, and it also comes with CPEs to renew other certifications. Most importantly, the contents had been read through by a gold adviser and graded by another person in the community, hence the published content is verified by multiple parties instead of a generic tech site. This allows me to use the published work as a reference more easily without causing additional doubts.
  • TacoRocket Member Posts: 497 ■■■■□□□□□□
    What did you use to study? Their on demand content?
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • iBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    TacoRocket wrote: »
    What did you use to study? Their on demand content?

    Were you listening to the dude's story Donny? He completed a white paper, not an exam.

    GIAC Gold: http://www.giac.org/certifications/gold
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response
  • tahjzhuan Member Posts: 288 ■■■■□□□□□□
    Awesome job man!
  • TacoRocket Member Posts: 497 ■■■■□□□□□□
    iBrokeIT wrote: »
    Were you listening to the dude's story Donny? He completed a white paper, not an exam.

    GIAC Gold: GIAC Gold Overview

    I'm retarded, still getting used to GIAC and the way it works.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • OctalDump Member Posts: 1,722
    LionelTeo wrote: »
    The 499 price tag can be claimed from my company, and it also comes with CPEs to renew other certifications. Most importantly, the contents had been read through by a gold adviser and graded by another person in the community, hence the published content is verified by multiple parties instead of a generic tech site. This allows me to use the published work as a reference more easily without causing additional doubts.

    I was thinking along the lines of publishing in a peer-reviewed journal. I've not really looked into all that, so I'm not sure how hard it would be to get published academically. Do you know how it would compare?
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • LionelTeo Member Posts: 526 ■■■■■■■□□□
    What I can think of is to check the editorial guidelines. They may require specific fonts and alignments; you have to watch out for them, although it's a minor issue. The more important area would be how you reference someone else's work; there is a standard for it. The last point would be writing the statements correctly, which includes rephrasing in the best way possible. This could be an easy task for a naturally born writer. I had to reread my own paper over 50 times to fix this, and even so I still continue to discover errors as I read my own paper now.
  • rudegeek Member Posts: 69 ■■□□□□□□□□
    Congrats, much respect!
  • kiam Member Posts: 18 ■□□□□□□□□□
    Congratulations, impressive!