Research - OAuth Abuse - COMMING SOON

Microsoft Azure OAuth and how attackers abuse it. Coming Soon.

Jul 20, 2025 Research

Lab Write Up - Xintra - KG Distribution

Exploration of memory analysis with MemProcFS. This post dives into an interesting Xintra lab challenge, hunting for malicious processes, persistence mechanisms, data staging and more.

Jul 20, 2025 Lab

Back To Basics - LOLBins

A knowledge refresher - Exploration of cyber security topics.

May 27, 2025 CyberSecurity

Engineering - Automating End to End Acquisition and Processing

This post dives into automating end to end artifact collection and processing using Velociraptor and Timesketch all deployed using CloudFormation in AWS.

Dec 3, 2023 DFIR

Engineering - Certificate Transparency Logs

Exploring Certificate Transparency Logs, deployment of elastic stack and showcasing how they can be leveraged for some interesting use cases.

Jul 30, 2023 Threat Hunting

Research - Velociraptor - Hunting for MOVEit IOCs

Showcasing Velociraptors capabilities as we hunt for MOVEit Indicators of Compromise off the back of CVE-2023-34362

Jun 2, 2023 Threat Hunting

Engineering - Velociraptor - Platform Setup

Part 1 - An intro to Velociraptor - Setup and client deployment

May 23, 2023

Lab Write Up - TeamSpy - MemProcFS

Exploration of memory analysis with MemProcFS. This post dives into an interesting CyberDefenders challenge, hunting for malicious processes, code executions, files and more.

May 11, 2023 DFIR