Fabrice's Blog

The 2026 Deep Dive

Sun, 25 Jan 2026 08:17:44 -0500

Going Deeper into Code Review, Reverse Engineering, and Web Exploitation

New year, new focus. This year I’m pushing myself to level up in three specific areas: code review, reverse engineering, and web exploitation. I’ve spent enough time doing surface-level testing, now I want to understand what’s actually happening under the hood. I’ve already invested in the learning materials to make this happen, so there’s no backing out now.

Certified Cyber Security Engineer [CCSE] Review: Is it Worth it?

Thu, 04 Dec 2025 17:31:16 -0500

I recently completed the Certified Cyber Security Engineer (CCSE) certification from Cyberwarfare Labs, and I wanted to share my experience with anyone considering this certification. Even though I already hold more advanced certifications like the OSCP and HackTheBox CPTS, I found the CCSE to be a valuable addition to my skill set, and here’s why.

What is the CCSE?

The Certified Cyber Security Engineer (CCSE) is a comprehensive penetration testing certification offered by Cyberwarfare Labs. What makes it stand out is its broad coverage of modern attack surfaces that many traditional pentesting certifications don’t touch. It’s designed for beginner to intermediate cybersecurity professionals who want to develop a well-rounded understanding of various technologies and attack vectors they’ll encounter as a cybersecurity engineer.

CDSA Review

Sat, 15 Nov 2025 16:13:23 -0500

A Clear Overview of the CDSA Certification

In this post, I’ll share my experience with the HTB Certified Defensive Security Analyst (CDSA) certification. Whether you’re new to blue teaming or already familiar with CDSA, there’s something here for everyone.

What is the HTB CDSA?

The Hack The Box Certified Defensive Security Analyst (CDSA) is a hands-on blue-team certification focused on real-world SOC operations. It evaluates your ability to monitor, investigate, detect, and respond to threats using enterprise-grade tools and realistic scenarios. The exam is fully practical and is directly based on the HTB Academy SOC Analyst role path.

CRTP vs CRTE: Mastering Active Directory

Sat, 13 Sep 2025 10:23:10 -0400

Two years ago, I embarked on a challenging journey that would fundamentally transform my understanding of Active Directory security and red teaming. Today, I want to share my experience with two exceptional certifications from Altered Security: the Certified Red Team Professional (CRTP) and the Certified Red Team Expert (CRTE).

Why I Chose These Certifications

As someone looking to build a solid foundation in Active Directory penetration testing, I was drawn to Altered Security’s reputation for creating realistic, hands-on environments. Unlike many other certifications that rely heavily on theoretical knowledge or outdated exploitation techniques, both CRTP and CRTE focus on abusing legitimate Active Directory features and functionalities in fully patched environments.

Threat Hunting: FIN7 - Post Compromise Execution

Sun, 07 Sep 2025 13:59:10 -0400

Introduction

In Part 2, we pivot from initial access to what happened next. Using Windows event logs and PowerShell Operational logs in Splunk, we reconstructed FIN7’s execution chain after persistence via a scheduled task, validated key artifacts, and built practical detections you can run.

What we investigated

Scheduled Task execution timing and payload
Process tree spawned by the persisted loader
PowerShell script executions including repeated stagers
Reconstruction of the staged PowerShell from events (4104) and file hashing for IOC tracking

Interpretation of the Decoded Script from Initial Access (Recap)

what we have got here is essentially a decoded RTF payload that was obfuscated using \chr encoding. Once decoded, it reveals a malicious VBScript designed to drop and persist a RAT (remote access trojan). Lets break down the key points :

Red Team Infra Dev

Sat, 30 Aug 2025 08:43:24 -0400

My Experience with the CRT-ID Certification

I recently completed the Certified Red Team Infrastructure Developer (CRT-ID) certification from Cyberwarfare Labs, and I’m excited to share my comprehensive review of this unique course. If you’re looking to enhance your red teaming skills with a focus on infrastructure development, this might be exactly what you need.

What is the CRT-ID Course About?

The Certified Red Team Infrastructure Developer (CRT-ID) is a specialized course designed to equip cybersecurity professionals with the skills to develop OPSEC-safe Red Team infrastructure for both internal and external operations. Unlike many other red team courses that focus primarily on exploitation techniques, this course dives deep into the infrastructure backbone that makes successful red team operations possible.

Threat Hunting: FIN7 - Initial Access

Thu, 14 Aug 2025 19:03:54 -0400

Introduction

Welcome to the first post in my Threat Hunting series. We are starting with FIN7’s initial access tradecraft: a phishing-delivered, weaponized RTF that abuses living-off-the-land binaries and scheduled tasks to get a foothold. This post distills the key artifacts and shows practical hunts you can run.

This is Part 1 of my Threat Hunting series. Each post focuses on one phase of an intrusion with practical hunts and response tips.

CBBH Review

Wed, 13 Aug 2025 04:21:58 -0400

A Clear Overview of the CBBH Certification

In this post, I’ll share my experience with the HTB Certified Bug Bounty Hunter (CBBH) certification. Whether you’re new to web penetration testing or already familiar with CBBH, there’s something here for everyone.

What is Web Application Penetration Testing and Bug Bounty Hunting?

Web Application Penetration Testing is the practice of assessing the security of web applications by simulating real-world attacks. The goal is to identify vulnerabilities such as SQL injection, XSS, authentication bypass, and more, before malicious actors can exploit them.

MicroMasters Cybersecurity RITx

Fri, 04 Jul 2025 15:17:16 -0400

In August 2019, I enrolled in the RITx MicroMasters in Cybersecurity, a program delivered by the Rochester Institute of Technology (RIT) in partnership with edX. At the time, the program didn’t have open enrollment, so I had to wait until January 2020 to get started.

My goal was clear: gain the foundational skills and credibility needed to transition into a cybersecurity career. Although COVID hitted the same year and disrupted job prospects, the knowledge and skills I gained helped me secure an IT position later on. In hindsight, this program was a meaningful step in my professional growth.

Understanding POP-POP-RET in SEH Exploits

Mon, 26 May 2025 16:28:21 -0400

Part of the Exploit Development Module – Certified Cybersecurity Engineer (CCSE) – By Cyberwarfare Labs

📚 Table of Contents

🔰 Introduction

This blog post is part of the Exploit Development module in my journey through the Certified Cybersecurity Engineer (CCSE) certification by Cyberwarfare Labs.

Threat Hunting vs Threat Intelligence

Mon, 12 May 2025 20:11:48 -0400

As part of my learning journey through the Hack The Box Certified Defensive Security Analyst (CDSA) certification, I’ve recently explored a fascinating topic—threat hunting. The more I dive in, the more I realize how important it is to distinguish between threat hunting and cyber threat intelligence (CTI). While both disciplines play vital roles in modern cybersecurity programs, they serve different functions and require distinct approaches.

In this inaugural post for my new blog section dedicated to threat hunting, CTI, and threat actors, I want to explore how these two areas intersect, how they differ, and why both are essential to defending against today’s cyber threats.

The Pentesting Trifecta CPTS-OSCP-PNPT

Sun, 11 May 2025 09:35:44 -0400

After months of dedication and late nights, I’ve earned what I call the Trifecta of Penetration Testing Certifications: the PNPT, OSCP, and CPTS. In this post, I’ll break down each certification—covering content, pricing, exam duration, realism, and difficulty—based on my personal journey. If you’re debating which cert to pursue, I hope this guide helps.

Overview of Each Certification

🔴 PNPT – Practical Network Penetration Tester

Provider: TCM Security
URL: certifications.tcm-sec.com/pnpt
Cost: $499 USD (includes training and exam)
Duration: 5-day engagement + 2 days for reporting
Content Focus:
- External/Internal recon and exploitation
- Active Directory attacks
- OSINT
- Pivoting
- Report writing
Exam Format: Realistic corporate AD environment; compromise the domain controller and submit a professional report.

🟠 OSCP – Offensive Security Certified Professional

CDSA | Part 1

Thu, 01 May 2025 11:33:06 -0400

As someone who primarily walks the path of the Red Team, I’ve always been immersed in penetration testing, adversarial simulation, and offensive operations. But lately, I’ve realized something crucial — truly mastering offensive security requires seeing things from the defender’s perspective too. That’s why I decided to take on the Hack The Box Certified Defensive Security Analyst (CDSA) certification.

🛡️ What is HTB CDSA?

The HTB Certified Defensive Security Analyst (CDSA) is a highly hands-on certification offered by (Hack The Box ). It focuses on security analysis, SOC operations, and incident handling at an intermediate level. Unlike many traditional certifications that focus on theory, CDSA emphasizes practical, real-world skills — the kind you’ll actually need working in or alongside a SOC.

CRTS v2 | Part 2

Mon, 14 Apr 2025 20:48:51 -0400

CRTSv2 Certification Review – Final Thoughts After Passing the Exam

This post is the second and final part of my review of the (CRTSv2 ) certification by CyberWarFare Labs. In the first part, I covered my experience during the course. This post will wrap things up with a full breakdown of the lab, exam, preparation, and how it stacks up against similar certs.

Course Material

The course is divided into two main modules:

CRTS v2 | Part 1

Sun, 02 Mar 2025 06:43:06 -0500

My Journey Through the Certified Red Team Specialist (CRTS v2) Course

After successfully completing CRTS v1, I decided to take on CRTS v2 by Cyber Warfare Labs. This blog post will document my journey as I work through the course material and prepare for the hands-on exam by the end of March.

My Experience with CRTS v1

In the previous version of this course, the lab covered the following scenarios:

CCSE | Part 1

Sat, 01 Mar 2025 16:25:32 -0500

The Certified Cyber Security Engineer (CCSE) is a comprehensive training program offered by Cyber Warfare Labs (CWL) that focuses on real-world penetration testing across 14 distinct domains. Participants gain access to over 50 online labs available 24/7 via the CWL Cyber Security Playground (CCSP). These labs provide hands-on experience with intentionally vulnerable virtual machines, allowing learners to practice market-oriented, practical penetration testing.

My Journey Through the Certified Cyber Security Engineer (CCSE) Course

I recently embarked on the Certified Cyber Security Engineer (CCSE) course by Cyber Warfare Labs, with the goal of completing it and taking the exam by the end of April. While I haven’t completed the course yet, this blog post will document my journey, sharing my thoughts and insights along the way.

CPTS Review

Sun, 26 Jan 2025 00:00:00 +0000

A Clear Overview of the CPTS Certification

In this post, I’ll share my experience with the HTB Certified Penetration Testing Specialist (CPTS) certification. Whether you’re new to penetration testing or already familiar with CPTS, there’s something here for everyone.

What is Penetration Testing?

Penetration testing, or pen testing, involves authorized simulated cyberattacks on systems and networks. The goal? To identify and fix vulnerabilities before hackers exploit them. As a pen tester, you’ll document your findings and create reports detailing your approach and results.

About Me

Sat, 18 Jan 2025 00:00:00 +0000

I’m a Novice Security Researcher specializing in Penetration Testing, Ethical Hacking, and Red Teaming. With a background in Electronic Engineering and a Micromasters in Cybersecurity from Rochester Institute of Technology (RIT), I hold certifications like OSCP, CPTS, CBBH(now CWES), CDSA, PNPT, CRTE, CRTP, CRTS, CCSE, CRTA and CEH (Practical).

Starting my career in customer service, I quickly advanced through roles in IT support, System Administration and IT Manager. In my current position, I manage all IT and cybersecurity functions, balancing both offensive and defensive security operations. I’ve implemented a successful Penetration Testing program, overseeing both Red and Blue Team activities to secure company infrastructure.

Welcome to My Blog

Sat, 18 Jan 2025 00:00:00 +0000

I’m a novice security researcher who specializes in penetration testing, ethical hacking, and red teaming. I created this blog to document what I’ve learned and share practical insights from my work in Cybersecurity.

My path here wasn’t exactly traditional. I started out studying literature in secondary school, which taught me how to think critically and solve problems, skills that turned out to be surprisingly useful in cybersecurity. From there, I earned a Bachelor’s in Electronic Engineering and a Professional Diploma in Computer Engineering before completing a Micromasters in Cybersecurity through Rochester Institute of Technology.