The name is Rich or at least more widely on the internet I go by the name of ScriptMonkey_ (that underscore is important ;)), the Console nick on github? well that’s just cause I thought it sounded cool at the time and grabbed it.

I’ve been in the information security world for just over about a decade, working my way up from lowly junior pentester, through to senior. Getting dropped into CTLHell before finally about 5 or 6 years ago moving into what I would say would be best classed as Red Teaming, or at least the UK version of it (e.g. CBEST, STAR, TIBER-EU, etc…) and i’ve enjoyed every high pressure, heart pumping moment of it, even if I decided to move on for my own health (all those years staying in hotels takes a toll).

Which brings me to where I am today.

I currently head up the internal purple team for a large financial services organisation, trying to put together all the years of active offensive security experience i’ve had along with getting more of a head for the defensive side of life and eventually delivering more benefit for the organisation than what an external short period engagement would. I firmly believe the best bit of any red team engagement is always the debrief, where both you and the client learn more in those few hours than you have in the last 6 months and this is basically nothing but debrief really. Be it when I assist the detection engineering side of life or if we’re planning emulation exercises to test our detective and protective controls.

It’s not going to be an easy journey, it certainly isn’t always as exciting as those insane 4am scrambles to get the crown jewels as our implants die around us and the blue team edges ever closer to booting us out of their network, but it is interesting and worthwhile work.

This blog? I started it a long long time ago, way before I started penetration testing, back when I was a “Technical Consultant” for large services organisation supporting some interesting customers. The contents, have broadly been infosec focused over the years but more accurately described as a variety of random IT notes that I wrote primarily for my own benefit than anything else. Some of the content is probably wrong - in which case I welcome constructive feedback and explanations! :) Some of it is probably defunct (I started pentesting when MS09-50 was the new hotness) but hopefully some of it will still be useful to you the reader.

I’m in the process of dragging over my old blog posts from a wordpress site that used to run at scriptmonkey.eu, but sadly due to brexit and no longer being part of the european union apparently I am not eligible to own a .eu domain any longer and whilst the technical contacts are currently set to some friends on the continent, I don’t wish to outlast their hospitality hence the big move.

Please bear with me as I get some of the articles shifted over and I know if you’ve been sent here through a link in a write up or in a pentest report, let me know what you were after if its not here and I can give you a PDF of the actual post.

Anyhow’s that’s enough of an about/intro :) Onwards! to the content!