November 2015

Getting Started in InfoSec!

The first time I heard about infosec was on campus, when they introduced the course on Digital Forensics and Cyber Crime in USIU. The description I was given is that the classes involve hacking, so I enrolled for it. To be honest, I thought hacking was really cool :D

What I really enjoy about infosec is how it challenges your intellect. It shapes your thought process and gives you quite a unique perspective of technology. A mindset that you can only gain via experience in the field and interacting with other knowledgeable and seasoned infosec professionals. Infosec and IT are two very different fields yet quite related. In infosec you are taught how to break while in IT you are taught to make. Infosec makes you very paranoid by nature and trust does not come easy, especially when you understand the capabilities of the people around you and how malware works. So how does someone get started in this profession and become an ethical hacker? Well, this simple diagram illustrates just that.

Like any other technical field, be prepared to make mistakes and learn from them as quickly as possible. Be prepared to accidentally screw up production servers, delete key databases and the occasional self infection when analysing malware for the first few times. Be prepared to face challenges you will have no idea how to fix at first. At the end of the day, this career is really AWESOME. ( • _ •) ( • _ •)>⌐■-■ (⌐■_■)


~# whoami

I am a Digital Forensics and Incident Response (DFIR) analyst by profession. I started off in the field of Network Security Monitoring, which by natural progression, morphed into data analysis and analytics. It was during this transition that I discovered botnets and malware, and was quickly fascinated by their capabilities and complexity. I developed a keen interest in PC malware analysis and forensics, then soon found myself diving into mobile malware and Human Interaction Device (HID) hacking.

This blog is simply an online repository for my thoughts, interactions and the projects I have been working on. Simply to share ideas and insight I gather in this field. The blog is a host to resources that I have accumulated over time that I find very handy in my research, for reference purposes and day-to-day activities. The resources are as listed below with their location on Google Drive.
The materials above have been downloaded from various websites all over the internet, some of which I cannot trace back to the original authors. However, I would like to give credit to the authors of the excellent material and give this disclaimer that I do not own them but simply aggregate them for ease of access to whoever might have an interest in them.

I trust you will find the information on this blog useful and possibly ignite a conversation on matters cyber security, present an opportunity to share ideas and collaborate on various projects.

You can follow me on Twitter at @xtian_kisutsa or email me at shadowinfosec<@> for any follow-ups on my blog posts or any inquiries.

 Happy Reading :)

~# exit
~$ exit