0x00: Why blog on this topic?

Recently I have been reading the book Linux Kernel Development by Robert Love. I am definitely not promoting it, but it is quite a good book to lurk around in. Previously I had no experience with deep diving into the Linux kernel, but hopefully I will find some insights here. Anyway, this blog will be on how threads are actually implemented in Linux.

0x01: The need to know a bit about processes:

We came across the term job in the context of Linux terminology. A job is managed by the shell, and basically a job consists of processes. The term process is, put simply, the execution of a program; the process has its…

0x00: Why blog on this topic?

In the previous blog, a brief introduction to the ELF file, I took some time to describe a few necessary topics such as the headers, segments and sections, but a bit more info on how the files are loaded into memory, or how they are linked? …

A boring story:

As a guy who likes to understand threat hunting and how defenders deal with adversaries and their malicious intent, I, along with my fellow teammates, came up with the idea of a small library which has some info on nation-state-backed adversaries. Although we are not a bunch of professional threat-hunting tradecraft masters, we finally came up with something quite interesting known as HAWK Base. Our goal is to learn more about how threats operate on victim machines, therefore I came to the conclusion that understanding how malicious events and process creation are detected and…


After a brief introduction to the PE file format, this blog will be dedicated to understanding the ELF format, as understanding file formats is quite helpful while learning malware analysis and reverse engineering.

Glimpse of an ELF file & its format

A random ELF file opened using the 010 hex editor

As per Wikipedia and other blogs, ELF, or Executable and Linkable Format, is the common standard file format for executables on Linux systems. Compared to other executable formats, ELF is far more flexible: it is not bound to any particular processor or instruction set architecture, since the header itself records the target machine, the word size (32- or 64-bit) and the byte order, and the same format serves executables, shared objects, relocatable objects and core dumps. ELF has replaced older formats such as COFF (Common Object File Format) in *NIX-like operating systems. …
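The post above is cut off before it reaches the header layout, so here is an added example, written for this edit and not code from the original blog: a small Python parser for the ELF file header (the first 52 or 64 bytes) that shows the properties the paragraph names, reading the byte order and word size from e_ident before decoding the rest. The two sample headers are constructed by hand, the machine table is abbreviated to a few common targets, and the e_ehsize comparison is a simple consistency check an analyst would add, not something the parser needs in order to work.

```python
import struct

# Lookup tables for the e_ident and header fields we interpret. Values are
# from the ELF specification; the e_machine list is abbreviated.
ELF_CLASS = {1: "ELF32", 2: "ELF64"}
ELF_DATA = {1: "little-endian", 2: "big-endian"}
ELF_TYPE = {0: "ET_NONE", 1: "ET_REL", 2: "ET_EXEC", 3: "ET_DYN", 4: "ET_CORE"}
ELF_MACHINE = {
    0x03: "EM_386", 0x08: "EM_MIPS", 0x28: "EM_ARM",
    0x3E: "EM_X86_64", 0xB7: "EM_AARCH64", 0xF3: "EM_RISCV",
}

# Field names shared by the 32- and 64-bit headers; only the widths of
# e_entry / e_phoff / e_shoff differ (4 vs 8 bytes).
HEADER_FIELDS = (
    "e_type", "e_machine", "e_version", "e_entry", "e_phoff", "e_shoff",
    "e_flags", "e_ehsize", "e_phentsize", "e_phnum", "e_shentsize",
    "e_shnum", "e_shstrndx",
)


def parse_elf_header(data: bytes) -> dict:
    """Decode the ELF file header from the first bytes of a file.

    Raises ValueError on anything that is not a well-formed ELF header, so a
    crafted or truncated file fails loudly instead of yielding garbage.
    """
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file: bad magic")
    ei_class, ei_data, ei_osabi = data[4], data[5], data[7]
    if ei_class not in ELF_CLASS:
        raise ValueError(f"unknown EI_CLASS {ei_class}")
    if ei_data not in ELF_DATA:
        raise ValueError(f"unknown EI_DATA {ei_data}")

    # EI_DATA tells us how to read every multi-byte field that follows.
    endian = "<" if ei_data == 1 else ">"
    fmt = endian + ("HHIQQQIHHHHHH" if ei_class == 2 else "HHIIIIIHHHHHH")
    size = struct.calcsize(fmt)          # 48 for ELF64, 36 for ELF32
    if len(data) < 16 + size:
        raise ValueError("truncated ELF header")

    hdr = dict(zip(HEADER_FIELDS, struct.unpack(fmt, data[16:16 + size])))
    hdr["class"] = ELF_CLASS[ei_class]
    hdr["data"] = ELF_DATA[ei_data]
    hdr["osabi"] = ei_osabi
    hdr["type_name"] = ELF_TYPE.get(hdr["e_type"], f"0x{hdr['e_type']:x}")
    hdr["machine_name"] = ELF_MACHINE.get(hdr["e_machine"], f"0x{hdr['e_machine']:x}")

    # e_ehsize should equal the size we just parsed (52 or 64). A mismatch is
    # a typical sign of a hand-crafted or deliberately malformed binary.
    hdr["warnings"] = []
    if hdr["e_ehsize"] != 16 + size:
        hdr["warnings"].append(f"e_ehsize {hdr['e_ehsize']} != {16 + size}")
    return hdr


# Constructed sample 1: header of a 64-bit little-endian x86-64 executable,
# built by hand for this example (not copied from any real file).
SAMPLE_ELF64_LE = (
    b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    + struct.pack("<HHIQQQIHHHHHH",
                  2, 0x3E, 1, 0x401000, 64, 0, 0, 64, 56, 1, 64, 0, 0)
)

# Constructed sample 2: header of a 32-bit big-endian MIPS relocatable object,
# to show the same parser handling a different class, byte order and machine.
SAMPLE_ELF32_BE = (
    b"\x7fELF" + bytes([1, 2, 1, 0]) + b"\x00" * 8
    + struct.pack(">HHIIIIIHHHHHH",
                  1, 0x08, 1, 0, 0, 0x34, 0, 52, 0, 0, 40, 3, 2)
)

if __name__ == "__main__":
    for sample in (SAMPLE_ELF64_LE, SAMPLE_ELF32_BE):
        h = parse_elf_header(sample)
        print(h["class"], h["data"], h["type_name"], h["machine_name"],
              hex(h["e_entry"]), h["warnings"])
```

To run it on a real file, pass `open(path, "rb").read(64)` to `parse_elf_header`; the function never reads past the header, so program and section headers still have to be walked separately using e_phoff / e_shoff and the entry sizes it returns.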


As a nerd enthusiastic about reverse engineering and malware, I find that understanding various file formats is quite important, because it clears up some concepts about the different sections of a file/executable, which is helpful while reverse engineering or debugging the executable or during further analysis of the binary. In this blog the context will mostly be focused on the Portable Executable (PE) file format, which is commonly used, so discussing it might be useful.

Glimpse of a PE file & its format

As per the MSDN documentation, this specification describes the structure of executable (image) files and object files under the Windows family of operating systems. These files…
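As an added example (written for this edit, not code from the original blog or from Microsoft), here is a Python parser for the parts of a PE image an analyst checks first: the DOS header, the e_lfanew pointer, the PE signature, the COFF file header and the optional-header magic that distinguishes PE32 from PE32+. The sample image is constructed inline and is not a real binary; the machine and characteristics tables are abbreviated to common values. Every offset is bounds-checked before use, because a crafted e_lfanew is a cheap way for a sample to crash a naive parser.

```python
import struct

# Constants from the PE/COFF specification (abbreviated to common values).
IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\x00\x00"
MACHINE = {
    0x014C: "IMAGE_FILE_MACHINE_I386", 0x8664: "IMAGE_FILE_MACHINE_AMD64",
    0x01C4: "IMAGE_FILE_MACHINE_ARMNT", 0xAA64: "IMAGE_FILE_MACHINE_ARM64",
}
OPTIONAL_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}
CHARACTERISTICS = {
    0x0002: "EXECUTABLE_IMAGE", 0x0020: "LARGE_ADDRESS_AWARE",
    0x0100: "32BIT_MACHINE", 0x2000: "DLL",
}

# COFF file header: Machine, NumberOfSections, TimeDateStamp,
# PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
COFF_FMT = "<HHIIIHH"
COFF_SIZE = struct.calcsize(COFF_FMT)   # 20 bytes


def parse_pe_headers(data: bytes) -> dict:
    """Walk DOS header -> e_lfanew -> PE signature -> COFF header -> optional magic.

    Raises ValueError on a missing signature or an offset outside the buffer.
    """
    if len(data) < 0x40 or data[:2] != IMAGE_DOS_SIGNATURE:
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 4 + COFF_SIZE > len(data):
        raise ValueError(f"e_lfanew 0x{e_lfanew:x} points outside the file")
    if data[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        raise ValueError("no PE\\0\\0 signature at e_lfanew")

    coff_off = e_lfanew + 4
    (machine, nsections, timestamp, _symtab, _nsyms,
     opt_size, characteristics) = struct.unpack_from(COFF_FMT, data, coff_off)

    # The optional header is mandatory for images; its first WORD is the Magic.
    opt_off = coff_off + COFF_SIZE
    if opt_size < 2 or opt_off + opt_size > len(data):
        raise ValueError("optional header missing or truncated")
    (opt_magic,) = struct.unpack_from("<H", data, opt_off)

    return {
        "e_lfanew": e_lfanew,
        "machine": MACHINE.get(machine, f"0x{machine:04x}"),
        "number_of_sections": nsections,
        "time_date_stamp": timestamp,
        "characteristics": [name for bit, name in CHARACTERISTICS.items()
                            if characteristics & bit],
        "is_dll": bool(characteristics & 0x2000),
        "format": OPTIONAL_MAGIC.get(opt_magic, f"0x{opt_magic:x}"),
        # The section table starts right after the optional header.
        "section_table_offset": opt_off + opt_size,
    }


def _build_sample() -> bytes:
    """Constructed sample: a minimal x86-64 PE32+ image header, made up for
    this example and not taken from any real binary. The optional header is
    zero-filled except for its Magic field."""
    dos = bytearray(0x40)
    dos[0:2] = IMAGE_DOS_SIGNATURE
    struct.pack_into("<I", dos, 0x3C, 0x40)      # e_lfanew: right after DOS header
    opt_size = 240                               # standard PE32+ optional header size
    coff = struct.pack(COFF_FMT, 0x8664, 3, 0x5F3E1A00, 0, 0, opt_size, 0x0022)
    optional = struct.pack("<H", 0x20B) + b"\x00" * (opt_size - 2)
    return bytes(dos) + IMAGE_NT_SIGNATURE + coff + optional


SAMPLE_PE = _build_sample()

if __name__ == "__main__":
    for key, value in parse_pe_headers(SAMPLE_PE).items():
        print(f"{key:>22}: {value}")
```

The returned section_table_offset is where a fuller parser would continue: NumberOfSections entries of 40 bytes each, which is where names, raw sizes and section characteristics (the usual inputs to packer heuristics and host-based signatures) live.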

A quick and handy approach is what we all want; one of the utmost goals as a defender is to analyze a malicious file or any artifact inside the network and immediately develop host-based signatures and adopt defensive and detection mechanisms to detect further malicious artifacts.

An in-depth understanding of malware analysis will be covered in the upcoming blogs, along with analysis of unique malicious samples, which will be updated pretty soon. …

Well, if you have worked in or been in touch with the information security domain for a decent tenure, it’s obvious you have definitely crossed paths with the term CVE (Common Vulnerabilities and Exposures), and if you have been part of the offensive side of security, you will be even more familiar with the term. Simplifying the dilemma about the organization which assigns CVEs, aka MITRE, and debunking terms like TTPs would be our main goal, alongside an understanding of the MITRE ATT&CK framework, which will be the main goal for the overall blog.

0: A general overview of the threat landscape

Before getting…


A community for the nerds, by the nerds.
