Ruben Boonen (b33f) is creating Information Security Content
72

patrons

Who
Hola, name is Ruben Boonen (b33f). I have been working in InfoSec since 2011 but my addiction goes a ways further back to before Red Hat was a paid product ;). Throughout my career I have performed hundreds of assessments for private and public sector entities popping many shellz on app/inf and device assessments.

Over the years I have, however, developed a special interest in all things Windows. My main areas of research include: Breakout, privilege escalation, persistence, client-side attacks, Windows internals / kernel exploitation and PowerShell.

I feel like an eternal n00b and I am very thankful to be part of such a caring community. I have stood on the shoulders of giants and continue to do so every day. Because of this I love to give back whenever I can. I have been an assistant trainer at Black Hat USA and I have delivered workshops at DefCon, 44Con and various BSides events. Additionally I maintain an InfoSec blog (fuzzysecurity.com) and GitHub account (github.com/FuzzySecurity) where I publish research on a variety of topics and I am one of the project owners for the PowerSploit post-exploitation framework.

If you like certs on top of your certs, here are some relevant ones I have: OSWP, OSCP, OSCE, OSEE, Crest CCT Inf.

Why
Why am I here on Patreon, is this a money grab? It goes without saying that I appreciate your financial support. I'm not here to take your hard earned $$'s, your support will help me do a lot of cool stuff/grab pieces of kit/research technical topics and drop POC's/tools! I will not go on this journey by myself, as Patrons you will be able to steer the direction of my research and we will organize some live workshops and QA sessions!

What
So what's up next? As Patrons come in we can push the schedule forward and tailor the subjects but the following topics are currently planned.

-=Live sessions (Patrons Only)=-
* Full walkthrough of the Razer 0day I found (CVE-2017-14398).
* Manually Unpacking An Emotet Office Payload.
* Application Introspection & Hooking With Frida.

Malicious Scriptlet Deobfuscation.
* PowerShell Kernel exploitation: Stack Overflow.
* PowerShell Kernel exploitation: Null Pointer Dereference.
* NeonTwilight Preview.
* COM Hijacking Compendium.

* Using The Windows API In PowerShell.
* PowerShell Kernel exploitation: Arbitrary Write HalDispatchTable.

* PowerShell Kernel exploitation: Use-After-Free.
* PowerShell Kernel exploitation: Pool Overflow.
* PowerShell Kernel exploitation: GdiSharedHandleTable Bitmap.

* PowerShell Kernel exploitation.

-=Posts (Public)=-
* Full writeup of the Razer 0day I found (CVE-2017-14398).
* Application Introspection & Hooking With Frida.
* COM Hijacking Compendium.
* PTE overwrites on Windows 10 RS2.
* Low Integrity pointer leaks on Windows 10 RS2.
*
Reversing the Windows event log for profit!

-=Ideas (?)=-
* Something about app testing (?)
* Pwnables, aka skill up on Linux exploitation (?)
* Hacking games, Pwn Adventure or old stuff like Diablo II (?)


The parts which are marked as posts, can easily be covered in live-sessions as well.

Want to sign up?
Before you do, please read the Rules Of Engagement post for my Patreon page here!

For the Lolz
I spend quite a bit of time playing games. If people are interested we can team up and waste our precious time in search of loot, kills and health \_(ツ)_/!

* Diablo 3
* Path Of Exile
* Don't Starve Together
* Dark Souls III
* Doom
* The Division
* Player Unknown Battlegrounds (I need some hard carry here!)

Pick your poison yolo!
Rewards
OceanLotus
$1 or more per month
  • You have my sincere thanks, you are awesome!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
Hurricane Panda
$5 or more per month
  • You too are awesome and you humble me!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
Turla
$10 or more per month
  • Damn you are legit, and possibly crazy!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
  • You will have access to recordings of the live sessions
Fancy Bear
$15 or more per month
  • You are a scholar and a gentleman/lady ٩(͡๏_๏)۶
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
  • You will have access to recordings of the live sessions
  • You can join the live sessions and watch me fail all over the place
Equation
$25 or more per month
  • You must be rolling in that APT money!
  • No added benefits compared to the "Fancy Bear" tier
  • The stars, that nature hung in heaven, and filled their lamps with everlasting oil, give due light to the misled and lonely traveler
Goals
72 of 200 patrons
I <3 you guys/gals! I'm not sure if the goal is too dam high but the more people sign up the more content I can put out for the community! I have something special in mind if I reach my goal (⌐■_■)..
1 of 1
Who
Hola, name is Ruben Boonen (b33f). I have been working in InfoSec since 2011 but my addiction goes a ways further back to before Red Hat was a paid product ;). Throughout my career I have performed hundreds of assessments for private and public sector entities popping many shellz on app/inf and device assessments.

Over the years I have, however, developed a special interest in all things Windows. My main areas of research include: Breakout, privilege escalation, persistence, client-side attacks, Windows internals / kernel exploitation and PowerShell.

I feel like an eternal n00b and I am very thankful to be part of such a caring community. I have stood on the shoulders of giants and continue to do so every day. Because of this I love to give back whenever I can. I have been an assistant trainer at Black Hat USA and I have delivered workshops at DefCon, 44Con and various BSides events. Additionally I maintain an InfoSec blog (fuzzysecurity.com) and GitHub account (github.com/FuzzySecurity) where I publish research on a variety of topics and I am one of the project owners for the PowerSploit post-exploitation framework.

If you like certs on top of your certs, here are some relevant ones I have: OSWP, OSCP, OSCE, OSEE, Crest CCT Inf.

Why
Why am I here on Patreon, is this a money grab? It goes without saying that I appreciate your financial support. I'm not here to take your hard earned $$'s, your support will help me do a lot of cool stuff/grab pieces of kit/research technical topics and drop POC's/tools! I will not go on this journey by myself, as Patrons you will be able to steer the direction of my research and we will organize some live workshops and QA sessions!

What
So what's up next? As Patrons come in we can push the schedule forward and tailor the subjects but the following topics are currently planned.

-=Live sessions (Patrons Only)=-
* Full walkthrough of the Razer 0day I found (CVE-2017-14398).
* Manually Unpacking An Emotet Office Payload.
* Application Introspection & Hooking With Frida.

Malicious Scriptlet Deobfuscation.
* PowerShell Kernel exploitation: Stack Overflow.
* PowerShell Kernel exploitation: Null Pointer Dereference.
* NeonTwilight Preview.
* COM Hijacking Compendium.

* Using The Windows API In PowerShell.
* PowerShell Kernel exploitation: Arbitrary Write HalDispatchTable.

* PowerShell Kernel exploitation: Use-After-Free.
* PowerShell Kernel exploitation: Pool Overflow.
* PowerShell Kernel exploitation: GdiSharedHandleTable Bitmap.

* PowerShell Kernel exploitation.

-=Posts (Public)=-
* Full writeup of the Razer 0day I found (CVE-2017-14398).
* Application Introspection & Hooking With Frida.
* COM Hijacking Compendium.
* PTE overwrites on Windows 10 RS2.
* Low Integrity pointer leaks on Windows 10 RS2.
*
Reversing the Windows event log for profit!

-=Ideas (?)=-
* Something about app testing (?)
* Pwnables, aka skill up on Linux exploitation (?)
* Hacking games, Pwn Adventure or old stuff like Diablo II (?)


The parts which are marked as posts, can easily be covered in live-sessions as well.

Want to sign up?
Before you do, please read the Rules Of Engagement post for my Patreon page here!

For the Lolz
I spend quite a bit of time playing games. If people are interested we can team up and waste our precious time in search of loot, kills and health \_(ツ)_/!

* Diablo 3
* Path Of Exile
* Don't Starve Together
* Dark Souls III
* Doom
* The Division
* Player Unknown Battlegrounds (I need some hard carry here!)

Pick your poison yolo!

Recent posts by Ruben Boonen (b33f)

Rewards
OceanLotus
$1 or more per month
  • You have my sincere thanks, you are awesome!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
Hurricane Panda
$5 or more per month
  • You too are awesome and you humble me!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
Turla
$10 or more per month
  • Damn you are legit, and possibly crazy!
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
  • You will have access to recordings of the live sessions
Fancy Bear
$15 or more per month
  • You are a scholar and a gentleman/lady ٩(͡๏_๏)۶
  • Join the FuzzyAPT Patron slack
  • Optionally add your name/twitter handle to a Patron page on FuzzySec
  • Patron-only polls for upcoming content
  • You will have access to recordings of the live sessions
  • You can join the live sessions and watch me fail all over the place
Equation
$25 or more per month
  • You must be rolling in that APT money!
  • No added benefits compared to the "Fancy Bear" tier
  • The stars, that nature hung in heaven, and filled their lamps with everlasting oil, give due light to the misled and lonely traveler