Passed my GCIA GOLD Certification!
I have finally passed my GCIA GOLD! You can read the white paper here! http://www.giac.org/paper/gcia/8966/learning-dridex-malware-adopting-effective-strategy/128882
I thought long and hard before going for my GCIA GOLD. Taking up the GOLD certifications was a tough decision as it wasn't in my schedule. After thinking it through, I figured that I should do it. Reason being that I had discovered something from analysing malware callback traffic that the security community had not discovered yet, hence I decided to write it down and claim my research work before anyone else does. In addition, I had been working on analysing pcap using various command line tools and not just Wireshark; this is another area that very few people actually practice.
By writing this white paper, I am able to claim two (and a half technically) areas of pcap analysis that are exclusive to me: using packet bytes characteristics to identify malware traffic, and doing pcap via command line. It also includes the research regarding malicious usage of certain HTTP fields that malware uses to hide traffic. Although there is analysis work out there that had identified the malicious object dropped from the use of this field, it hasn't been extensively covered yet. My white paper would be the first endorsed article that covers the malicious use of this HTTP field by malware.
By having the white paper endorsed, I can confidently claim the accuracy of my analysis of malware callback traffic with reference. Identifying C2 Traffic by Packet Bytes ~ Welcome to Gravity Sec!
I also get to work with my advisor, who is a GSE certification holder, Angel Alonso Parrizas.
If anyone has any questions regarding doing gold certification, feel free to drop them in this thread and I will try my best to answer.
Comments
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
2018 Goals - [ ] GSE Lab [ ] OSCP Enrollment
Late 2018-Early 2019 Goals: [ ] RHCSA [ ] RHCE
I have a question, though. What does Gold get you apart from kudos? Presumably, if it was published elsewhere, you could still get the kudos without the $499 price tag.
Website gave me error for signature, check out what I've done here: https://pwningroot.com/
Were you listening to the dude's story Donny? He completed a white paper, not an exam.
GIAC Gold: http://www.giac.org/certifications/gold
I'm retarded, still getting used to GIAC and the way it works.
I was thinking along the lines of publishing in a peer reviewed journal. I've not really looked into all that, so not sure how hard it would be to get published academically. Do you know how it would compare?