Hello, I'm
Cyber Threat Intelligence Analyst
Documenting my exploration of malware analysis, reverse engineering, cryptography, and system security through technical writeups and open-source tools.
Incoming Transmissions
Recent deep dives, reverse engineering writeups, and technical tutorials.
SaltStack Internals: Remote Execution and Configuration Management Architecture
A deep technical analysis of SaltStack. Understand its dual nature as an execution engine and state manager, explore the ZeroMQ event bus, and see how it enables rapid incident response.
Security Onion Fundamentals: Network Security Monitoring and Threat Hunting
A practical introduction to Security Onion, explaining how it combines network security monitoring, log management, and threat hunting into a coherent blue team platform.
CTI Foundations: Part 1 - What Cyber Threat Intelligence Is and Why It Matters
Part 1 of the CTI Foundations series. Learn what CTI actually is, how the intelligence lifecycle works, and why understanding IOCs, TTPs, and intelligence consumers changes defensive outcomes.
DNS Security Analysis Series: Part 3 - Advanced Attack Techniques and Modern DNS Challenges
Advanced DNS attack vectors including tunneling, IDN abuse, encrypted DNS protocols, and enterprise security implementation strategies for security analysts.
A deep dive into reverse engineering Go binaries. Learn about Go's internal data structures, compilation flags, PCLNTAB, ABI changes, and how to reconstruct slice and interface operations in IDA Pro.
The Chomsky Hierarchy and Security: Why Parsers Matter
A deep dive into formal language theory, automata, and Turing machines and their profound implications for cybersecurity. Learn why regex WAFs fail, how injection attacks exploit parser differentials, and how to apply grammar-based parsing to stealer logs and malware analysis.