Soumyanil Biswas
Security Research @FireCompass
Hi, I'm Soumyanil (aka reveng007). I'm currently into security research. Though I have an electronics background, I am into information security.
Former speaker at BSides Singapore 2023 and presenter at Black Hat Asia 2024. I also received speaker invitations from BSides St. Pete (Florida) 2023, BSides Prishtina (Kosovo) 2023/2024, BSides Boise (Idaho) 2024, Hackmiami Conference XI 2024 and ConfidenceConf 2024, Krakow, Poland.
I'm learning new stuff day in and day out. I'm more passionate about offensive security than defensive.
I have played CTFs and solved 100+ rooms on TryHackMe so far. I hold the CRTP certification.
Nowadays, I spend most of my time building scripts and open-source malware-development/evasion projects, digging deep into Windows system internals, and building scripts around on-prem and cloud-based (e.g., AWS) attack vectors.
Area of Expertise
Offensive TradeCraft: Syscalls to StackSpoofing!
This workshop is about sharing with everyone how advanced evasion techniques can be used to bypass different Endpoint Detection and Response (EDR) systems. We first start with the basics of Windows internals (PEB, TEB, Win32 API, etc.) with process injection examples.
Next, participants receive a primer on Endpoint Detection and Response systems and how they perform user-mode hooking. We then focus on how the Nt APIs work and from there move on to syscall concepts.
From here, we build implants based on syscalls and move on to more advanced maldev techniques such as custom call stack usage, stack spoofing, etc. We also show how to detect these types of implants. This workshop helps individuals upskill their maldev as well as their defensive skills together.
Developing a Linux Loadable Kernel rootkit from scratch
https://github.com/reveng007/reveng_rtkit
This talk is about sharing the experience gained while creating an LKM-based rootkit. All the techniques and resources will be shared, to spare others the overhead of hunting across the internet for the concepts and snippets needed to build an LKM-based rootkit, and to make those concepts clear and easy to follow.
This will be a discussion on how to identify which entry point to use, implementing security concepts along with a developer mindset, applying concepts that already existed in a different manner to improve the chance of evading anti-rootkit tools, implementing syscall interception by locating syscall addresses, kernel-mode function hooking, hiding the rootkit deep inside the kernel so it is invisible to user-mode programs, making the rootkit unremovable, etc.