🔍Just published a detailed SOC investigation based on a TryHackMe CTF, analyzing a multi-stage attack using Splunk. From malicious file execution to credential dumping with Mimikatz and lateral movement.
#CyberSecurity #SOCAnalyst #Splunk #ThreatHunting #IncidentResponse
Posts by Citadel Cybersec
🕵️‍♂️ I analyzed a full attack chain:
Brute force → Web shell → Data exfiltration
Working with:
· Web server and WAF logs
· XDR telemetry
· MITRE ATT&CK mapping
TryHackMe First Shift CTF – Task 5: Portal Drop Writeup
#cybersecurity #socanalyst #blueteam #tryhackme #incidentresponse
New write-up: Inside a Phishing Attack — TryHackMe First Shift CTF, Task 4.
I walk through a real SOC-style phishing investigation: email header analysis, DMARC findings, attachment decoding, obfuscation, MITRE ATT&CK mapping, and threat actor attribution.
#Cybersecurity #Phishing
Growing steadily in Defensive Security 🔒
My TryHackMe Capability Score places me at a Mid-level Security Professional, showing the power of persistence and curiosity.
Focused on: SOC challenges, real-world scenarios, and continuous learning documented in write-ups.
Learning. Adapting. Defending.
🧑‍💻 I just published a hands-on SOC investigation from TryHackMe’s First Shift CTF (Task 3), covering:
• Threat intelligence analysis
• IOC enrichment
• Malware investigation
• MITRE ATT&CK mapping
#CyberSecurity #ThreatIntelligence #BlueTeam #InfoSec
“We are what we repeatedly do. Excellence, then, is not an act, but a habit.”
Aristotle
Thank you for the advice. Yes, I heard about the importance of labs. Next thing to do on my list! 😊🙏
Just published the second part of TryHackMe Splunk 2 (Bots v2). A hands-on SOC workflow covering:
• Ransomware
• Malware execution
• C2 traffic
• Persistence analysis
#CyberSecurity #SOCAnalyst #Splunk #SIEM
🎉 I passed AZ-900 (Azure Fundamentals) last week!
Building a strong defensive skill set: Security+, SAL1, BTL1, SPLK-1001 & Google Cybersecurity Cert.
Focused on log analysis, SOC workflows & Blue Team skills. Seeking entry-level SOC Analyst roles.
#cybersecurity #SOCAnalyst #BlueTeam
My new post on my TryHackMe Splunk 2 (Bots v2) investigation covers:
• Data collection & filtering
• Deep-dive into raw event logs
• Pattern recognition & correlation
• Identifying phishing & exfiltration activity
A practical look at real SOC investigation workflows.
#InfoSec #BlueTeam #Splunk
🕵️ Investigating malicious activity with Sysmon & Splunk
I just published a hands-on walkthrough of the TryHackMe New Hire Old Artifacts challenge where I:
• Hunt suspicious binaries
• Trace attacker activity
• Detect system modifications
#CyberSecurity #SOCAnalyst #Splunk #Sysmon #ThreatHunting
🔥 180-Day TryHackMe Streak! 🔥
Hands-on challenges every day for 180 days—leveling up SIEM, Threat Intel & Network Security.
My certs: Security+, BTL1, SAL1, Splunk.
From logs to networks, building applied skills that make entry-level Security Analysts day 1 ready.
#cybersecurity #Infosec
New Cyber Threat Intelligence Write-Up 🔎
I investigated a suspicious artifact in a threat intel scenario — pivoting from IOCs to uncover malware behavior, infrastructure, and attacker activity.
#cybersecurity #threatintel #malwareanalysis #threathunting #socanalyst #infosec #dfir #blueteam
🔧 Ready to build your own Splunk Homelab? I just posted a detailed guide on setting up a practice lab for the SPLK-1001 certification! SPL commands and dashboard practice with step-by-step instructions.
medium.com/@citadelcybe...
#Splunk #SPLK1001 #Cybersecurity #Infosec #SplunkCertified #Homelab
💻 If you're looking to understand network traffic at a granular level, my latest guide has you covered! Solving TryHackMe's Wireshark Traffic Analysis room goes from packet inspection to detailed network behavior analysis.
#Wireshark #NetworkSecurity #CyberSecurity #TrafficAnalysis #PacketAnalysis
"Amat Victoria Curam"
"Victory loves preparation"
Gaius Valerius Catullus
Looking to level up your skills as a SOC Analyst or Blue Team Defender? Mastering regular expressions (regex) is a must! Check out my latest write-up solving TryHackMe's regex room.
👉 medium.com/@citadelcybe...
#CyberSecurity #Regex #IncidentResponse
Think like a real SOC analyst.
I just published a detailed TryHackMe Volt Typhoon write-up breaking down a full APT investigation — from initial access to C2 and cleanup.
If you're preparing for blue team roles, this room is gold.
#TryHackMe #ThreatHunting #SOCAnalyst #BlueTeam #MITREATTACK
Dive into practical insights with real traffic analysis! Learn how to spot cleartext credentials and craft better firewall rules using #Wireshark — perfect for threat hunters and SOC teams. 🔍
#CyberSecurity #NetworkSecurity #ThreatHunting #SOC
Just published a ShadowTrace walkthrough from TryHackMe, covering malware analysis, IOC extraction, and alert decoding.
#Cybersecurity #MalwareAnalysis #DFIR #TryHackMe #IncidentResponse
"Know thy self, know thy enemy. A thousand battles, a thousand victories."
Sun Tzu
If you’re preparing for TryHackMe’s Security Analyst Level 1 (SAL1) — this practical study guide breaks down my preparation strategy, what to expect in the theory + hands-on parts, and how to approach real SOC tasks.
#CyberSec #TryHackMe #CareerTips #InfoSec
Just published a new writeup on detecting web shells in a compromised WordPress environment using Apache access logs.
Based on the TryHackMe Detecting Web Shells room, this article focuses on practical log analysis and incident response techniques.
#Cybersecurity #BlueTeam #TryHackMe
New TryHackMe write-up 🔍
Encrypted Protocol Analysis: Decrypting HTTPS
• TLS Client Hello identification
• Decrypting HTTPS with Key Log Files
• HTTP/2 analysis in Wireshark
• Extracting hidden data from PCAPs
Read here:
medium.com/@citadelcybe...
#Cybersecurity #Wireshark #NetworkSecurity
"Igitur quī dēsīderat pācem, præparet bellum" ("Therefore, let him who desires peace prepare for war")
Publius Flavius Vegetius Renatus
The conditions of peace are often preserved by a readiness to make war to defend said peace when the need arises.
In my new article I walk through TryHackMe’s Sysmon Room, Task 10 – Practical Investigations, showing how to analyze real attack scenarios using Sysmon logs, Event Viewer, and PowerShell.
👉 Read it here: medium.com/@citadelcybe...
#TryHackMe #Sysmon #IncidentResponse #BlueTeam
🔍 Ever wondered how to analyze HTTP traffic in Wireshark? Check out my latest TryHackMe writeup where I break down the steps and techniques for better network security insights!
medium.com/@citadelcybe...
#Cybersecurity #Wireshark #networksecurity
I’ve just published a deep dive into my experience with Advent of Cyber 🖥️🎄. If you're passionate about cybersecurity or just looking to learn more about this awesome event, my comprehensive review breaks it all down.
#CyberSecurity #AdventOfCyber #TechCommunity #Infosec #TryHackMe
How can Splunk SIEM be used to detect and analyze a DDoS attack? Check my writeup:
• Identifying malicious URIs
• Detecting botnet traffic
• Analyzing user agents
• Visualizing attack peaks with timechart
#Cybersecurity #Splunk #SIEM #DDoS #TryHackMe
🔍 New write-up: Detecting ICMP & DNS tunneling and analyzing FTP cleartext attacks using Wireshark.
Step-by-step investigation of real PCAPs, filters, and attacker behavior.
#Cybersecurity #Wireshark #BlueTeam #NetworkSecurity #ThreatDetection