Cyber Security posts

Centralisation, repeatability, and automation in a modular SOC
Cyber security sometimes means learning things backwards
Investigating Explorer's temporary ZIP folders and retrieving files
Parsing login sessions from the Windows event log with PowerShell
Linux .bash_history: Basics, behaviours, and forensics
SANS Holiday Hack Challenge 2021: Slot machine walkthrough
SANS Holiday Hack Challenge 2021: Yara rule analysis walkthrough
Installing Splunk Free in a virtual machine for log analysis
File carving: Recovering a deleted file from a Windows disk image
The best cyber security and technology books I read during 2020
Cracking a password-protected ZIP file with fcrackzip
Network connections and packet crafting on the Linux command line
Technicolor TG582n router: The missing event logging manual
Why virtual cyber security conferences should be the new normal
SANS FOR508: I’m now a GIAC Certified Forensic Analyst
Setting up Pi-hole to rein in an extremely noisy Samsung Smart TV
Long-form – HTTPS and VPNs: How private is your internet browsing?
Update: Cyber security projects, another trip to Japan, and plans for 2020
Update: I’m back, and Def Con has inspired me to get hacking
The Twitch streamer who wastes tech support scammers’ time
Python tools for Windows forensics: Mozilla Firefox browsing history
Investigating external network connections with netstat and OSINT
Python tools for Windows forensics: Microsoft Office recent files
Python tools for Windows forensics: Extracting a user’s Google Chrome history
Python tools for Windows forensics: Windows Security event log
Python tools for Windows forensics: Deleted files in the Recycle Bin
Cyber skills gap: Raising awareness of cyber security opportunities
Python tools for Windows forensics: Parsing Prefetch program data
Review – Threat Modeling: Designing for Security by Adam Shostack
SANS FOR500: I’m now a GIAC Certified Forensic Examiner
Approaching incident response on the front foot with the HARM method
Visualising connected hosts with a Python-generated network diagram
Seven things I’ve learnt in my first year as a cyber security consultant
A Python script to make sense of multi-dimensional Splunk exports
Review – InfoSec Rock Star: Because Geek Will Only Get You So Far
Security log analysis: How to group by two fields in Splunk
How passwords work – a simple demonstration in Python
What a security operations centre (SOC) is and how it works
Checking DNS requests against a domain blacklist in Python
Automatically generating SOC emails with a Python script
Incident triage: Identifying the source of a malware infection
What cyber security courses don’t prepare you for
Three of the best cyber security podcasts around
Update: I now work in cyber security
Rick Sanchez explains command injection
Finishing line: I’ve passed my GCIH exam!
Automating a brute force web attack
How I became a Linux person
Flaws are more troubling than surveillance
Halfway point: I’m now GSEC certified!
Hackers look just like you and me
Yes, your OS needs anti-virus software
CES’s gadgets create new data to be stolen
2017: New challenges for a new year
Talking cyber security on Chicago radio