About

This is my personal site. To a great degree, it's a place for me to write down my notes, as well as serve as a bit of a public facing sandbox.

About this site

This site was founded originally so that I'd have a place to write down my notes and writeups when I was studying for the OSCP cert, so a lot of what's on here is going to be about cybersecurity and computing topics. To a great degree, that's still true too.

Now that I'm quite a ways past that exam, though, the site's sorta become just a bit of a playground for me to try new things with web dev, systems administration, and things of that nature.

Overall, this is mostly just a place for me to document my notes on different topics. Mostly cybersecurity and computing, but also on other things I'm interested in like language, history, etc.

In any case, I hope you find the writings here useful.

About me

Professionally, I'm a cybersecurity professional. In terms of certs and skills, the following should be a somewhat extensive list:

  • Kali Linux
  • Network Vulnerability Scanning
  • Buffer Overflow Exploits
  • Exploitation
  • Client Side Attacks
  • Web Exploitation
  • Password Attacks
  • Pivoting
  • Antivirus Exploitation
  • Advanced Command Line
Click to see more...
  • Practical Tools
  • Bash Scripting
  • Active Information Gathering
  • Passive Information Gathering
  • Vulnerability Scanning
  • Web Application Attacks
  • Windows Buffer Overflow
  • Linux Buffer Overflow
  • Locating Public Exploits
  • Fixing Public Exploits
  • File Transfers
  • Antivirus Evasion
  • Port Redirection
  • Tunneling
  • Active Directory Attacks
  • PowerShell Empire
  • Privilege Escalation
  • Metasploit
  • Port Scanning
  • Information Gathering
  • Risk Assessment
  • Legal, Regulatory, and Compliance Requirements
  • Governance and Policy
  • Business Continuity and Disaster Recovery
  • Data Classification and Ownership
  • Data Privacy
  • Data Retention and Deletion
  • Secure Data Handling
  • Security Models
  • Cryptography
  • Secure System Design
  • Physical Security
  • Network Protocols
  • Network Security Controls
  • Wireless Security
  • Identity and Access Management (IAM)
  • Authentication and Authorization Methods
  • Single Sign-On (SSO) and Federation
  • Privileged Access Management (PAM)
  • Security Operations
  • Incident Response and Recovery
  • Threat Intelligence and Analysis
  • Vulnerability and Patch Management
  • Logging and Monitoring
  • Secure Software Development
  • Software Development Lifecycle (SDLC)
  • DevSecOps Principles
  • Secure Code Practices
  • Software Testing and QA
  • Cloud Security
  • Cloud Architecture Models (IaaS, PaaS, SaaS)
  • Cloud Security Controls
  • Shared Responsibility Model
  • Compliance in Cloud Environments
  • Social Engineering Prevention
  • Security Awareness Training
  • Supply Chain Risk Management

This could get more granular, but I would think that's a bit excessive.

In additon to the above, I have some experience in LAMP administration, PHP development, and HTML/CSS.

Apart from computer security, I'm a certified locksmith, formerly a certified armed guard, and have an extensive background in physical security.

Completely apart from professional matters, while I do enjoy solving CTF challenges and doing boot to roots like on Hack the Box for fun, outside of cybersecurity, I'm into many other diverse things, such as history, language, outdoorsmanship, locksport, historical fencing, marksmanship, antique collecting and many many other things. So to that end, while most of what I end up writing here is probably going to be about computers and computer security, you may see an occasional article written about these other topics as well.

Glowbox?

This has been a domain that I've owned on and off again for quite a long time, and is simply my "brand" I guess at this point.

The name is referring to the fact that a PC monitor is a Glowing box + the fact that, waaaay back in 2011 I was obsessed with putting box-shadow effects on div elements, which are styled according to the CSS box model. The first Glowbox way back then was more or less my web design portfolio site that was hosted on an old rack mounted machine I had found at a local e-waste recycler. Web design turned into building PHP scripts, one of which was a forum project. That in turn lead to Glowbox hosting game servers in order to drive users to the forum, and that lasted until pretty much the very last day of 2014, when I finally shut things down in order to focus on real life.

But yeah, the name mostly refers to the idea of a glowing box -- monitors, div elements, that sort of thing.