![[logo.png|300]]
Welcome fellow **antiquarians**! `KnifeCoat` is a new way to share some of my thoughts, collect resources for study, and post some ad-hoc data/research of questionable use.
### Times gone by
`FuzzySecurity` has been servicing 250-350k unique visitors per year on average 🤯. However, one does not always have as much time to *(1)* research content, *(2)* write content, *(3)* turn the content into HTML as one used to (it's true). For this reason `FuzzySecurity` has been archived using [GitHub Pages](https://pages.github.com/). I started `FuzzySecurity` in 2011 and I believe that, while a good portion of the content has aged beyond power of memory to recall it's usefulness, it has some historic value and some pretty damn cool research! I would also like to remember, fondly, some of the suffering I endured working on the content 💕
As such `FuzzySecurity` will remain online and accessible using the normal URL:
- [https://www.fuzzysecurity.com/tutorials.html](https://www.fuzzysecurity.com/tutorials.html)
```
Let us not then pursue
By force impossible, by leave obtain’d
Unacceptable, though in Heav’n, our state
Of splendid vassalage, but rather seek
Our own good from our selves, and from our own
Live to our selves, though in this vast recess,
Free, and to none accountable, preferring
Hard liberty before the easie yoke
Of servile Pomp. Our greatness will appear
Then most conspicuous, when great things of small,
Useful of hurtful, prosperous of adverse
We can create, and in what place so e’re
Thrive under evil, and work ease out of pain
Through labour and endurance. This deep world
Of darkness do we dread?
```
### But what is a KnifeCoat?
This is just a small joke, Microsoft has written detections for some tools I wrote in [Sharp-Suite](https://github.com/FuzzySecurity/Sharp-Suite) and those detections are grouped under the moniker `Knifecoat.XXXXX`. The naming game is so on point.
### Background
I have been messing around with computers for a long time, I remember using `Red Hat` before it was a commercial product if that is any indication. In 2011 I started working in security. As time progressed I narrowed my interests to focus mostly on: all things Windows, endpoint post-exploitation, OS internals, systems programming and any weird research problems that caught my attention.
I have worked on all sides of the fence in our industry: hard-core util based consulting 🔥, red teaming, defence and research. For the past 4-5 years my main efforts have been in Red Teaming and threat based research. I split my time between `R&D` and `hands-on-keyboard` activities.
Currently I work as ~~*CNE Capability Lead*~~ an **Antiquarian** @ `IBM Adversary Services`.
### Calypso Heavy Industries (CHI)
In January 2024 I launched `Calypso Heavy Industries (CHI)` as a way to bring high-quality offensive technical `training` and `design` to industry partners.
You can find out more about `CHI` at [https://calypso.pub/](https://calypso.pub/).
### Contact
Hit me up if you have any questions or feedback.
- LinkTree - [fuzzysec](https://linktr.ee/fuzzysec)
- Twitter - [@FuzzySec](https://twitter.com/FuzzySec)
- Bluesky - [@fuzzysec.bsky.social](https://bsky.app/profile/fuzzysec.bsky.social)
- Mastodon - [@
[email protected]](https://infosec.exchange/@FuzzySec)
- LinkedIn - [rboonen](https://www.linkedin.com/in/rboonen/)
- Email - `
[email protected]`
- GitHub - [FuzzySecurity](https://github.com/FuzzySecurity)
- YouTube - [fuzzysecurity](https://www.youtube.com/@fuzzysecurity)<br><br>
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User-ID: Ruben Boonen <
[email protected]>
Comment: Valid from: 02/08/2025 14:28
Comment: Valid until: 02/08/2027 14:28
Comment: Type: 512-bit ECDSA (secret key available)
Comment: Usage: Signing, Encryption, Certifying User-IDs
Comment: Fingerprint: 030048B21CC300EACF55E26721F1D487463C1A80
mJMEaI6C+hMJKyQDAwIIAQENBAMEojGi/Jx13TedMZqEcmbQw8Y9mW9BRBlCTEEv
5aEZQZ0nsqQ7fAOzH1mGQgsm6LfR4pPs5Bmw10tCeSy8N9R8CQKV8EKf1lP1aIrz
noWIFJzyC+s0OabosDqaQBwbAVKd9Dvjg0jURRuXrcMko1kAcgUjghN+k0JxHR2A
UaTZBVq0IlJ1YmVuIEJvb25lbiA8cnUuYm9vbmVuQGdtYWlsLmNvbT6I2QQTEwoA
QRYhBAMASLIcwwDqz1XiZyHx1IdGPBqABQJojoONAhsDBQkDwmcABQsJCAcCAiIC
BhUKCQgLAgQWAgMBAh4HAheAAAoJECHx1IdGPBqAOIQB/RUULylzPHILfRGxuE/Q
a7EFOquLhXKW15W1iftVS39se/RI/rwXDRa+qPJxgm6MLcf9LRM2QHdwAThmjXtS
+0oB/3lAkM6HMMcbLFwxdTf3ACIxFe5lk1zLNWy08+05IfNMRgWX6sJ3BemLUrCT
OoDv0Y6yV3DvC/9HG1TAFt264p24lwRojoMQEgkrJAMDAggBAQ0EAwQl/71jd3YZ
yLe7vySBk7MccPRcmP/Qs82FrVJjFmhsamxEoHvxqcbf1A6fqIN5Gzl0bO4Wj3W2
LJ/3MjJfmsF5a4KudApXqc4wR3rt/XVJVUYhg32mHNbScghta0wDlc44yzrQqB2N
8rM0z5UDsyZ0k7LMa50HgOwlN4Z6xyialwMBCgmIvgQYEwoAJgIbDBYhBAMASLIc
wwDqz1XiZyHx1IdGPBqABQJojoSGBQkDwuzeAAoJECHx1IdGPBqAhKcB/008w/Mk
mJ+Sy8Z2OUj/6PNp2WAGuxyeeKyjDFEMpMONa86+ngc8jvdoBZJKDD621xP5l797
KlU6NFckONq0Wd4B/j3NhpzI6VU+owLLDjVMSOHq8xE15Qmi6lwNX0Ku6ZsZu5qF
JbeWpxhpQ7FP1ZMrUOwDqsD8NT+6QbWtstPTKxA=
=Nucn
-----END PGP PUBLIC KEY BLOCK-----
```