Hello, I'm
Cyber Threat Intelligence Analyst
Documenting my exploration of malware analysis, reverse engineering, cryptography, and system security through technical writeups and open-source tools.
Incoming Transmissions
Recent deep dives, reverse engineering writeups, and technical tutorials.
CTI Foundations: Part 2 - The Threat Intelligence Pyramid
Part 2 of the CTI Foundations series. Understand the Pyramid of Pain framework: why hash values are trivial to evade, how infrastructure rotates, and why TTPs are the most durable indicators of compromise.
SaltStack Internals: Remote Execution and Configuration Management Architecture
A deep technical analysis of SaltStack. Understand its dual nature as an execution engine and state manager, explore the ZeroMQ event bus, and see how it enables rapid incident response.
Security Onion Fundamentals: Network Security Monitoring and Threat Hunting
A practical introduction to Security Onion, explaining how it combines network security monitoring, log management, and threat hunting into a coherent blue team platform.
CTI Foundations: Part 1 - What Cyber Threat Intelligence Is and Why It Matters
Part 1 of the CTI Foundations series. Learn what CTI actually is, how the intelligence lifecycle works, and why understanding IOCs, TTPs, and intelligence consumers changes defensive outcomes.
DNS Security Analysis Series: Part 3 - Advanced Attack Techniques and Modern DNS Challenges
Advanced DNS attack vectors, including tunneling, IDN abuse, and encrypted DNS protocols, plus enterprise security implementation strategies for security analysts.
A deep dive into reverse engineering Go binaries. Learn about Go's internal data structures, compilation flags, PCLNTAB, ABI changes, and how to reconstruct slice and interface operations in IDA Pro.