Compare commits


2 Commits

Author | SHA1 | Message | Date
Joost Agterhoek | b7668f77ce | added mastodon and gitea/gitlab links and icons | 2024-09-19 12:53:08 +02:00
Joost Agterhoek | cc6760d53d | forgot some posts | 2024-09-19 12:52:33 +02:00
3 changed files with 53 additions and 5 deletions

View File

@ -1,5 +1,5 @@
base_url = "https://not-matthias.github.io/apollo/"
title = "not-matthias"
base_url = "https://joostagterhoek.nl"
title = "My personal website"
description = "This is an example description"
build_search_index = false
generate_feeds = true
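Review bot: `description = "This is an example description"` on the fifth line of this hunk is still the theme's placeholder, and it is left untouched while `base_url` and `title` directly above it are being personalised; since `generate_feeds = true` is set, that string will end up in the site's metadata and feed, so replace it with a real one-line description in the same change. Minor: the new `base_url` drops the trailing slash the old value had, which is fine, but worth keeping in mind if any template concatenates paths onto it.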
@ -21,7 +21,7 @@ fancy_code = true
dynamic_note = true # a note that can be toggled
mathjax = true
mathjax_dollar_inline_enable = true
repo_url = "https://github.com/not-matthias/apollo/tree/main/content"
repo_url = "https://code.joostagterhoek.nl/joost/website-zola/src/branch/main/content"
menu = [
{ name = "/posts", url = "/posts", weight = 1 },
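Review bot: the new `repo_url` hard-codes `src/branch/main/content`; both the old and new values point at the `content` subdirectory rather than the repository root, so the theme evidently builds links relative to that path. Confirm that the Gitea repository's default branch really is `main`, otherwise every link generated from this value will 404. A short TOML comment on the line (for example `# must point at the content/ directory, not the repo root`) would save the next person from "fixing" it.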
@ -31,8 +31,8 @@ menu = [
]
socials = [
{ name = "twitter", url = "https://twitter.com/not_matthias", icon = "twitter" },
{ name = "github", url = "https://github.com/not-matthias/", icon = "github" },
{ name = "pleroma", url = "https://social.joostagterhoek.nl/joost", icon = "mastodon" },
{ name = "gitea", url = "https://code.joostagterhoek.nl/joost", icon = "gitlab" },
]
custom_css = []
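Review bot: the `name`/`icon` pairs in the two new `socials` entries do not match: `pleroma` is given the `mastodon` icon and `gitea` is given the `gitlab` icon. If the theme simply ships no Pleroma or Gitea icons, add a TOML comment on each line saying so (e.g. `# theme has no gitea icon, gitlab is the closest`) so a later reader does not change `icon` to a name the theme cannot render; if it does ship them, use the matching icon. Also note the `twitter` and `github` entries are removed outright rather than replaced, which looks intentional but is worth stating in the commit message.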

View File

@ -0,0 +1,25 @@
+++
title = "I want to learn malware analysis (again)"
date = 2024-08-28
updated = 2024-08-29
[taxonomies]
tags = ['malware analysis']
+++
## What got me hooked
The heading says it all: I *really* want to learn malware analysis. Ever since I finalized the [Practical Malware Analysis & Triage](https://academy.tcm-sec.com/p/practical-malware-analysis-triage) course by [TCM Security](https://academy.tcm-sec.com/), I was hooked. I 💚loved💚 the entire course, especially diving deep into binaries, (trying) reverse engineering, debugging. I went through all the material, did the labs and wrote up a report, a (very shallow) static and dynamic analysis of a WannaCry-sample. I found my niche (or so I thought...)
## Rabbit holes
One thing that bothered me throughout the course, was the lack of direction and stable ground when investigating and debugging binaries. I found myself stuck reverse engineering functions that were not user written code (C runtime for example). I got close to a particularly interesting part, stepping into and over functions, all to ultimately never reach that goal of finding a specific return value or determining a critical execution flow junction. So I thought to myself: what's the best way to learn how programs work, and flip them inside out? By building them myself! With that motivation, I dove deep back into Python 🐍, thinking, this will be a good starting ground to hop over to C 🖥️ later. But...I think I got stuck at the first step! 🛑 Over the last year, I got really hooked on programming. Some of the stuff I (partially) made:
* A [`Flask`](https://flask.palletsprojects.com/en/3.0.x/) website to look up individual URLs, websites, IP addresses and email addresses for general security analysis purposes. [(Code and screenshots here)](https://code.joostagterhoek.nl/joost/flask-soc-site).
* A command-line interface tool that does the same, without the upload feature. I still need to add relevant emphasis on certain values and legend explanations. The tables are drawn with the [`rich`](https://rich.readthedocs.io/en/stable/introduction.html) module. [(Code and screenshots here)](https://code.joostagterhoek.nl/joost/cli-lookup)
* Finally, the same idea, now in a [`Tkinter`](https://docs.python.org/3/library/tkinter.html#module-tkinter) GUI app. I'm currently reimplementing the basically functioning app into classes for the main app and the frames, which is proving quite challenging. ([Code and screenshots here](https://code.joostagterhoek.nl/joost/gui-host-lookup))
## Refocused (with more experience)
Trying to get back into malware analysis, malware study in general, has been really difficult for the past couple of weeks: the Practical Malware Analysis-book I was working with feels entirely foreign (I also can't get the labs to properly function, as it's all Windows XP-based and the executables don't do what the book says). After some frustrated attempts, I will now refocus on my two main interests in the field of malware: developing 🏗️ and reverse engineering 🖥️ .
Developing I hope to do with my brand-new lifetime access to [Maldev Academy](https://maldevacademy.com). Reverse engineering by reading and practicing along with the (so far very practical) book [Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation](https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315). I hope to post any notes or blog posts about my progress here.
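Review bot: the three bullets under "Rabbit holes" format the repository link three different ways: `[(Code and screenshots here)](...)` followed by a period, the same form without a period, and `([Code and screenshots here](...))` with the parentheses outside the link. Pick one form for all three so the rendered list lines up. Minor: `WannaCry-sample` and `Practical Malware Analysis-book` hyphenate a proper noun onto a common noun; `WannaCry sample` and `Practical Malware Analysis book` read more naturally.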

View File

@ -0,0 +1,23 @@
+++
title = "Syncing works"
date = 2024-09-08
updated = 2024-09-08
[taxonomies]
tags = ['self-hosting', 'zola', 'automation', 'systemd']
+++
## rsync and systemd
I am quite 🤩 ecstatic 🤩: I got a seamless sync working between my local Git-controlled site content and my server! The way I did it:
1. use rsync to sync local files to the server in a normal user-owned folder
2. setup another rsync-script owned by the `zola` user on the server
3. create a `systemd` unit path and service that syncs these files with the proper ownership to the folders where the `zola` service watches for changes
4. 💸 profit!
## Resources
Online resources that helped me with this:
- [Using systemd Path Units to Monitor Files and Directories](https://www.putorius.net/systemd-path-units.html)
- [How to run systemd service as specific user and group in Linux](https://www.golinuxcloud.com/run-systemd-service-specific-user-group-linux/)
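Review bot: step 3 of the list says the systemd path unit syncs the files "with the proper ownership" into the directory the `zola` service watches, but the post never says which user the service unit runs as, how the `zola` user gets read access to the "normal user-owned folder" from step 1, or what the second rsync script in step 2 actually does differently from the first. Since the two linked resources cover exactly those two points (path units, and `User=`/`Group=` on the service), quoting the relevant `[Service]` and `[Path]` lines from the actual units, plus the permissions set on the intermediate folder, would make the post reproducible and would document the trust boundary between the unprivileged upload location and the directory Zola serves from.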