London, UK - Cyber security professional with a particular interest in incident response and forensics, event logging, SOC, and SIEM management. SANS Cyber Retraining Academy graduate and ex-journalist
Interests
- Cyber security and tech
- Coding (Python, C#)
- Reading and writing
- Running and exercise
- Playing guitar
- Gaming (mainly PC)
- Formula 1 and football
Currently thinking about
EVTX login session parser
I recently cobbled together a PowerShell script that extracts and correlates login/logout events from the Windows Security event log to identify user sessions. Read all about it - and try it out for yourself - in my overview blog post.
2023-01-13
2023: Thoughts on new challenges and sharing experiences
2022-12-14
Investigating Explorer's temporary ZIP folders and retrieving files
2022-12-03
Parsing login sessions from the Windows event log with PowerShell
2022-08-21
Using Tkinter to build simple GUIs for Python apps
2022-02-22
Linux .bash_history: Basics, behaviours, and forensics
2022-01-08
SANS Holiday Hack Challenge 2021: Slot machine walkthrough
2022-01-08
SANS Holiday Hack Challenge 2021: Yara rule analysis walkthrough
2021-05-03
Backutil development: Implementing multiprocessing in Python
2021-05-01
Installing Splunk Free in a virtual machine for log analysis
2021-04-02
File carving: Recovering a deleted file from a Windows disk image