
First post! A Bit About Myself

Welcome to my new technical blog!

I've been meaning to start a technical blog for such a long time but never got around to doing it. I have learned and consumed so much quality content from so many great minds in our industry over the years, I'm hoping I can finally contribute something worthwhile and interesting.


A Bit About Me

My name is Michael and I am, among many other things, an information security professional. I've spent most of my career specializing in incident response, threat hunting, detection engineering, and red-teaming. I am aiming to write about my opinions and experiences on these, and other infosec-related topics, on this blog.

I've spent a lot of time in recent years practicing and improving my offensive security skills. I've always considered myself a hacker-at-heart, if not always in practice. It's never boring and always rewarding to learn how something works, how to break it, and how to prevent someone else from breaking it. Knowing about attack techniques and tactics is one thing; developing practical skills executing those attacks is another. I learned that very quickly when I first attempted the OSCP exam and again with the OSED exam (I'm glad to say I've passed both exams now). Both were tough and rewarding exams for sure, yet they're but a starting-point of a journey, far from the destination. If nothing else, offensive-security training has taught me to be persistent and persistently creative when solving problems.

I have consistently gained skills and knowledge that have helped me become a better security professional by practicing and studying offensive security in general. I consider offensive-security — thinking and practicing like a hacker — a foundation upon which all other technical skills are built in infosec. I have collected a handful of GIAC certifications as well, which are difficult and valuable in their own right, but this isn't a resume so I won't bore you with more details here.

Recently, I wanted to focus less on certifications and formal pursuits and more on passion-projects and research. I have so many ideas for tools, attack-techniques, and other projects, and that's what I have been focusing on, as free-time permits.


After passing the OSED, I wanted to practice exploit development, learn and practice vulnerability research, and so much more. However, I found myself studying how Windows works in depth, and EDRs (how to evade them and how they work). That happened to intersect with some of the more advanced exploitation labs and EDR-evasion techniques I've had my eye on, which mostly involve Windows kernel-mode drivers—how to exploit them and how they're used to implement modern EDRs. As a result, that's what I've been spending a lot of my time studying in the past few months. I am planning on writing about what I've learned so far and refocusing my attention on developing PoC exploits.

Although I've been spending a lot of time recently in Windows-land, I've spent a lot more time using, breaking, fixing, and administering Linux systems. I love all things Open-Source and Unix-y by design and philosophy. I love coding, learning new programming languages and occasionally distro-hopping. I've spent more time than I care to admit setting up and managing my really-cool-and-fancy home network as well.


Infosec aside, I am a huge fan of sci-fi. Books, movies, shows—I'm all for it!

Whether it is infosec, sci-fi or just about anything else, hit me up and let's chat. I won't bite and I'm always looking to make new friends.

About this site

I started looking into how to host a blog in 2025. There are endless options but I kept returning to simpler approaches.

GitHub Pages does a great job of out-sourcing the hosting and site-management side of things. But static-site-generators like Jekyll just seem to lack character. Being a personal blog site and all, I saw it fitting to use a format I myself like and appreciate greatly: simple HTML sites with a very light touch of CSS.

Let me know what you think of this site and how I can improve the content as well as the experience.


Thanks for visiting my blog, and stay tuned for more posts from me.

My Github
Email:infosec.michael[a t]pm . me
@infosec-michael