Page cover image

About Me

hey, I'm crow!

birb

An ex-aspiring physicist turned cyber-degenerate "YouTuber" who primarily focuses on cyber-security education. My main interests are red teaming with a special focus on offensive development and reverse engineering. I'm currently learning Japanese (not for anime, I just like the language... I swear). Some of my "hobbies" include: competitive beatboxing in the River Styx, self-deprecation, casually falling in love with Intel syntax, professionally getting nauseous at AT&T syntax, spending an inane amount of time ricing random stuff that no one cares about, shadowboxing Windows Defender, buying GFs at the Grand Exchange, getting stun-locked by imposter syndrome and burnout, and did I mention self-deprecation?

My hopes with this blog are that by me being a beginner, I'll make content in which nothing is overlooked and novice questions are not just asked but welcomed, researched, and hopefully answered. Anyways, welcome, enjoy your stay, and I hope you find what you're looking for!

Group photo (nobody smiled (except for the insane ones))

My Certifications

Obtained
In Progress
One Day

eJPT, eCPPT, CRTP, C|EH Practical

OSCP, PNPT

SLAE32/64, eCXD, eCPTX, eCDFP, eCRE, CRTE, CARTP, PACES, CRTO I/II, CRTL, OSED, OSEP, OSCE, OSEE, BTLO I/II

I know some people hate certifications, and this list seems like I'm trying to collect them like Pokemon. Well, yeah. I am.

FAQ

I could rant forever, but answers to some common questions I've seen floating around (not even directed toward me, but it's just a matter of time before I start getting them) can be found in the expandable section below.

FAQ

What's the point of making a blog about malware development when sites like ired.team, vx-underground, etc. already exist?

I personally think that this way of thinking is fundamentally flawed and toxic. Firstly, I'm not trying to "replace" or "overthrow" these sites - I don't even think that's possible and even if it was, I'd never want to. Everyone in the field already knows how great these sites are and I mention them (and more like them) all the time.

You shouldn't just use my blog solely to learn malware development. I've already said this in a blog post but I'll reiterate it here: treat malware development like learning a new language. When you learn a language, you ought to use multiple different resources because one resource might go over something that another might not. I try my best to include other resources for you to look at in the "references" section of a blog post, but the point stands, at some point you will/should do your own due diligence and seek out other resources as well.

I also strongly disagree with the notion that you should/can only make a post, GitHub repository, video, talk, or whatever if and only if you've made some discovery, authored a new technique/exploit, or whatever. I think that "stance" is incredibly gatekeeper-y and narcissistic. If you're a noob (like me), I highly urge you to document your own notes in a manner in which you're attempting to teach someone these techniques. Better yet, make your own blog posts as well!

Lastly, be nice and welcoming to the newcomers. Nobody likes rude, egotistical, snarky, dork-ass losers who have nothing better to do than shit on novices. Obviously, there are those who don't really care about learning, but for those genuinely intrigued by all of this and genuinely making an effort to learn, a single bad interaction can completely rob them of that feeling - turning that initial wonder and intrigue into dread and shame. Why would you want to do that to someone? Be nice to the newbies, dickhead.

TL;DR - Because I want to.

Will you only talk about malware development in this blog?

No. I want this blog to be an externalization of everything I've learned - sort of like a refined obsidian vault, where I publish my notes or things I'm currently learning (who knows, the posts I especially like might even end up getting adapted into a video). Malware development has taken over my life lately, but I also enjoy the other kinds of lower-level hacking/mechanisms, so you'll mainly find content geared toward that. Binary exploitation, malware development, and hopefully soon: malware analysis, digital forensics, active directory, hardware hacking, etc. are things that you can expect to find in this blog of mine (eventually).

What fonts and themes are you using?

All the fonts and themes I've used which have been shown in the videos or blog posts are as follows:

Where can I reach you?

In case you've found an error, or something that needs attention with the blog, you can reach me on any of the socials that you can find in About Me, or if you hover over "My Socials" on the top right of the blog. If you need to email me, you can reach me at: [email protected]. Please note that I'm incredibly slow to respond so if you sent me a message or email and I haven't responded, that's why.

My Socials

Last updated

Was this helpful?