London, UK - Cyber security professional specialising in incident response and forensics, detection engineering, threat hunting, and SOC development. Former business and technology journalist
Interests
- Cyber security and tech
- Coding (Python, JS, C#)
- Psychology, philosophy
- Running and exercise
- Gaming (PC, PS4)
- Music (guitar)
- Sport (F1, football)
Currently thinking about
EVTX login session parser
I recently cobbled together a PowerShell script that extracts and correlates login/logout events from the Windows Security event log to identify user sessions. Read all about it - and try it out for yourself - in my overview blog post.
2023-03-26
Cyber security sometimes means learning things backwards
2023-02-17
Using winget to automate software deployment to a new laptop
2023-01-13
2023: Thoughts on new challenges and sharing experiences
2022-12-14
Investigating Explorer's temporary ZIP folders and retrieving files
2022-12-03
Parsing login sessions from the Windows event log with PowerShell
2022-08-21
Using Tkinter to build simple GUIs for Python apps
2022-02-22
Linux .bash_history: Basics, behaviours, and forensics
2022-01-08
SANS Holiday Hack Challenge 2021: Slot machine walkthrough
2022-01-08
SANS Holiday Hack Challenge 2021: Yara rule analysis walkthrough
2021-05-03
Backutil development: Implementing multiprocessing in Python