Sysinternals case writeup
This is a small writeup for the sysinternals case recently published by Ali Hadi.
As a mentor in a SOC, I often receive questions from junior analysts about the best way to approach analysis. To help them develop their skills, I sometimes ...
Detection controls usually focus on telemetry collection and, in most cases, lack data analytic capabilities. Hence, it would be necessary to export the data ...
Tools such as TCPDump capture full packet data and store it to disk; they don’t provide a way to capture and stream the packets to a remote destination. I have ...
I keep trying to involve SATs (structured analytic techniques) in my daily cyber security analysis work. I also keep looking for ways to measure the improvem...
By definition, perception is the interpretation of sensory information in order to represent and understand the presented information, or the environment. I...
“There is nothing as useful as a good theory” —Kurt Lewin
I have been using Zeek for my personal projects for some time. I will write some notes on using it and plan to update this list as I get into the advanced ca...