About

About

Howdy, I’m Alex!

I’m currently a second-year mathematics student at the University of Western Australia.

Despite initially falling in love with pure mathematics, I felt like the real-world impact was missing. One day, I stumbled upon HackTheBox and that set in motion what has been an incredibly exciting journey into the world of infosec.

Most of my focus so far has been on developing skills in penetration testing (as evidenced by my blog posts) primarily through HackTheBox labs and their academy.

Recently, I’ve fallen into the world of hardware ‘hacking’ and the weird, wonderful, and wacky world of IoT devices. This has led me to learning the art of not burning yourself whilst soldering UART pins, as well as chasing the dragon (disassembling firmware in Ghidra).

When I’m not lit by a wall of screens, you’ll probably find me out on my motorbike soaking up the sea breeze or getting chalky at the climbing gym.

Current projects:

  • CPTS Exam - Penetration Testing Certification
    • Currently preparing for this exam by completing a bunch of HTB boxes and creating write-ups to reinforce my knowledge.
  • TL-WR841N Writeup
    • Tear-down and analysis of the TP-Link TL-WR841N router. Performed in conjunction with my completion of the IoT Hacking Course by TCM.
  • Tapo C110 Research
    • Independent research on the TP-Link Tapo C110 security camera.

Current priorities:

  • Hack the Box - Penetration Tester Pathway
    • Deep dive into core security assessment concepts and specialized tools, tactics, and methodologies used in penetration testing.
  • InvokeRE - Introduction to Malware Binary Triage
    • Hands-on reverse engineering and analysis of real-world malware samples; from nation-state SMB worms to prolific ransomware.
  • Constructing Defense - Purple Teaming Home Lab
    • Building a local and multi-cloud lab environment featuring various Windows AD setups, Kubernetes, Azure, AWS, and more.
  • From Day Zero to Zero Day - Vulnerability Research
    • Target selection, taint analysis, code mapping, automated variant discovery, reverse engineering, fuzzing, and coordinated disclosure.

Get in touch

I love having a chat, so please feel free to contact me at the following:
email or find me on LinkedIn.