Detection tips, lab writeups, tool guides, and Blue Team insights from the field.
A complete guide to building a functional SOC lab using VirtualBox, Splunk Free, and open-source tools — all at zero cost.
Step-by-step detection methodology using SPL queries to identify Cobalt Strike C2 traffic patterns in network logs.
A practical reference covering the most critical Windows Event IDs for threat detection and incident response workflows.
How attackers obfuscate PowerShell and how defenders can decode, detect, and alert on obfuscated execution at scale.
The Wireshark display filters every SOC analyst should have memorised, with real examples from network investigations.
No fluff. An honest guide on skills, certs, and labs that actually help you land a Tier-1 SOC analyst role without a degree.