Security Congress Latin America 2015

Dear friends, how are you? Today I spoke about Memory Forensic Analysis at the Security Congress Latin America 2015 (#isc2congresslatam). Fortunately, I had a great audience attending my talk:

This year, I have been focusing on speaking about malware detection using Memory Analysis. Next year, I will focus on a harder topic: Malware Analysis. Most people believe that’s an accessible topic. They are wrong. Certainly, it’s the most difficult and brutal topic in the IT Security area. Stay tuned!

I hope you have a nice day.

Alexandre Borges.

(LinkedIn: and twitter: @ale_sp_brazil).

Learning real Information Security

Hello readers, how are you? Yesterday, a friend (Arthur) requested an honest opinion about working in IT Security, so a few points follow:

  1. There are five interesting areas in IT Security which you could choose:
    1. Hacking
    2. Digital Forensics
    3. Software Exploitation
    4. Memory Forensics
    5. Malware Analysis
  2. Hacking is the best-known area, where we can find most offensive IT Security professionals. It is necessary to learn and study many concepts about infrastructure and operating system internals. Additionally, it is suitable to learn languages such as C and Python, for example. Doubtless, it is the most famous security area and there are many things to learn.
  3. Digital Forensics is a known area (do you remember the CSI series?) which is focused on examining network and disk clues to try to prove either a malware infection or an intrusion. It is the fundamental area of Forensic Analysis and you need to learn detailed concepts about Windows, Linux and Mac internals (much more than for Hacking) before beginning. Moreover, it is recommended to learn languages such as Python and Perl. In my opinion, it’s a fascinating area.
  4. Software Exploitation is an extension of Hacking where you learn how to find flaws in programs (buffer overflow and heap overflow, for example) and write your own exploit, so it is hugely different from simple Hacking, where 99% of guys only know how to use tools. Furthermore, you are required to learn Assembly, C, Python and Perl, and to know about Windows and Linux internals. Doubtless, the learning curve is too steep.
  5. Memory Forensic Analysis is a natural continuation of Digital Forensic Analysis, but you need to delve into very detailed structures on Windows to be able to perform precise and effective analysis. Unfortunately, almost everybody believes that learning a cool tool is enough (a thousand miles away from the truth) and these professionals will NEVER understand Memory Analysis. Usually, you have to learn everything about Windows, Mac and Linux internals, and have a very good knowledge of Security in general. This can be a challenging area.
  6. Malware Analysis is the most challenging area (by far) in IT Security because you need to learn Assembly, C, Python, Debuggers, Disassemblers, Windows Internals, Reverse Engineering, processor internals and several types of anti-forensics techniques. You will spend countless nights studying and practicing your analysis. Moreover, all the usual rules are bent by malware authors, so sometimes there is little hope and no solution on the horizon.

Becoming a real hacker means walking a very complicated and long road. Unlike other areas (Backup, Virtualization, Programming, Databases, Switches, Routers, Cloud, and so on), in IT Security you are NOT limited by either a product or a brand. There are no borders. Everything is interleaved and we are obliged to learn about each detail to understand the whole scenario. For example, I have heard professionals say they work as Malware Analysts, but when I start to explain the stuff they realize that their knowledge is not so complete. Additionally, other professionals like working in IT Security Management and I think it is a very nice area, but it is not really IT Security. They are NOT hackers.

Thus, if you like working for a specific brand / product, then IT Security is NOT for you. True hackers learn the necessary stuff with their colleagues and everything else they learn alone. There is no exclusive concern with certifications (yes, they are still important), only with learning new stuff all the time, even if you take a long time and face serious problems to get it.

In Brazil, there are excellent companies where you can work with Hacking and Digital Forensics, but your options will quickly narrow when learning the other three areas because most Brazilian companies are still not prepared to hire this kind of professional. Nonetheless, if you are looking for jobs in the USA then all doors are open for you because there are many opportunities to work as a Malware Analyst, for example. In my personal opinion, these areas will attract outstanding interest in Brazil in the near future and whoever starts to learn them will have a competitive advantage.

Is it worth learning the areas above? Yes, it is. Definitely, the bigger the challenge, the bigger the prize. However, it is my duty to alert you that thoroughly learning security requires a huge and endless effort. I can assure you that you will be frustrated several times during your study and for at least the first two years you will be lost without direction. In the end, everything will be rewarding and, in particular, I can mention that:

  1. It’s possible to provide consulting services in hunting and analyzing malware for private companies and earn outstanding money.
  2. Certainly, it is very rewarding to be able to know security at this very special level of detail.

My friends, you should not be deceived: security (at this level) is the most brutal and hard area in Information Technology. You will NEVER stop studying and, as I have been doing every single day for many years, soon you will be studying several hours per day. Darkness, suffering, pain and anguish are coming, literally. This is only for the strong.

Finally, it is appropriate to remember the statement from John Milton in “Paradise Lost” (1667), quoted by Morgan Freeman in the movie “Seven” (1995):

“Long is the way and hard, that out of Hell leads up to light…”

Have a nice day and, if you liked this text, please share it.

Alexandre Borges.

(LinkedIn: and twitter: @ale_sp_brazil).

Administering Oracle Linux 7: Part 3 – The systemd journal

Dear readers, how are you? Here is the third part of my series about Oracle Linux 7 on GPO (Oracle Professional Group):

I hope you enjoy it. Have a nice day.

Alexandre Borges

(LinkedIn: and Twitter: @ale_sp_brazil)

Training Information for 2016

Dear readers, how are you? Finally, I can publish some information about my courses that will be available at some point in 2016:

A few details about these courses:

  • They are intensive courses.
  • Almost all of them are very practical.
  • All these courses are for people who REALLY want to learn security.
  • My courses are far away from usual security courses (no names here) :)
  • I am an extremely technical instructor. Therefore, don’t expect an easy life. Fear, despair, suffering and darkness are expected during some courses.
  • If you were either my student or have seen me speaking at conferences/universities, you know what is waiting for you.

Honestly, I have a few goals with my trainings:

  • Bring additional security information to professionals who are looking for it.
  • Break the “course in a box” or “courses about products” culture.
  • Teach information security without being concerned with certifications.

At first, all courses are ILT (Instructor-Led Training). For now, there is no plan to offer them online.

I hope you like them. Stay tuned for further updates.

Have a nice day.

Alexandre Borges

(LinkedIn: and Twitter: @ale_sp_brazil)

Administering Oracle Linux 7: Part 2 – Network Management

Dear readers, I hope you are fine! Here is my second article (always in English, sure) about Oracle Linux 7 on GPO (Oracle Professional Group):

Personally, I recommend subscribing to the GPO mailing list because there are many articles from excellent authors. More information on: (this is a Portuguese website).

Have a nice day.

Alexandre Borges

(LinkedIn: and Twitter: @ale_sp_brazil)

Administering Oracle Linux 7: Part 1—Service Management

Hello readers, how are you? This week I became an author on the GPO (Grupo de Profissionais Oracle, in Portuguese) / OPG (Oracle Professional Group) site, where I’ll be publishing some articles about Oracle technologies. The first one (in English), about Oracle Linux 7, was published today:

I hope you enjoy the article.

Have a nice day.

Alexandre Borges

(LinkedIn: — Twitter: @ale_sp_brazil)

Hacker to Hackers Conference (H2HC) University 2015

Dear readers, how are you? Yesterday (OCT/24/2015), I spoke about “Memory and Malware Analysis” at Hacker to Hackers Conference (H2HC) University in Sao Paulo. All attendees were great; they interacted a lot and asked very interesting questions. Links for H2HC University follow:

I would like to thank Rodrigo Branco and Filipe Balestra for the invitation to speak at the biggest hacker conference in Latin America.

Additionally, and in particular, I would like to thank my friend Cleiton Alves for his help the whole time. Sincerely, thank you so much.

Have a nice day.

Alexandre Borges.