- 🔭 Threat Hunting
- 💡 Detection Engineering Tips
- 📰 Detection Lists
- 🔍 DFIR Artifacts Insights
- 🧛 Purple Teaming
- 🗄️ Event Logs Analysis
- 📜 My Detection Lists for SOC/DFIR
- 🧪 PurpleTeam scripts and notes
- 📖 Threat Intelligence Reports Database
- 📂 Threat Hunting artifacts
- Threat Hunting - Suspicious Named pipes
- Event Log Manipulations - Time slipping
- Threat Hunting - Suspicious Service names
- Threat Hunting - Suspicious User-agents
- Detecting DNS over HTTPS
- Threat Hunting - Suspicious TLDs
- OSINT - Catching my hacker via leaked databases
- Detecting DLL Hijacking techniques from HijackLibs With Splunk
- How Threat Actors use Pastebin
- Detecting Phishing attempts with DNSTWIST
- File Integrity monitoring with Auditd
- How Threat Actors use GitHub
- Detecting Browser extensions installations
- C2 Hiding in plain sight
- Detecting PSEXEC and similar tools
- Detecting Phishing attempts with WeTransfer
- Detecting HTML smuggling Phishing attempts
- More content on Medium and Twitter/BlueSky