ThreatHunter Chronicles – Medium

ThreatHunter Chronicles

he/him

Logwatcher’s Zenit #06: Summiting the Pyramid

MITRE’s New Detection Model Explained.

5d ago

Logwatcher’s Zenit #06: Summiting the Pyramid

5d ago

Logwatcher’s Zenit #05: Beginner Mistakes in KQL

Finding your inner join in a leftouter world

Jul 3

Logwatcher’s Zenit #05: Beginner Mistakes in KQL

Jul 3

Logwatcher’s Zenit #04: VS Code for Analysts, part 2

Order in chaos is what separates a good analyst from a great one.

Jun 26

Logwatcher’s Zenit #04: VS Code for Analysts, part 2

Jun 26

Logwatcher’s Zenit #03: Histogram, the Weight Measurement of Logs

Bin it. Chart it. Peek at the peaks.

Jun 19

Logwatcher’s Zenit #03: Histogram, the Weight Measurement of Logs

Jun 19

Logwatcher’s Zenit #02: Simulating Attacks with Atomic Red Team

How to Validate Your Detection Logic Without Summoning a Real Threat Actor

Jun 12

Logwatcher’s Zenit #02: Simulating Attacks with Atomic Red Team

Jun 12

Dirty Bit #01: Dark Theme Sandbox

Force dark theme on launch, kill the evidence, walk away

Jun 5

Dirty Bit #01: Dark Theme Sandbox

Jun 5

SideQuest #01: How To Virtualise Sequoia

Converting Install macOS Sequoia.app to an ISO file

Jun 2

SideQuest #01: How To Virtualise Sequoia

Jun 2

Logwatcher’s Zenit #01: VS Code for Analysts, part 1

Here’s how to let your keyboard do the hunting.

May 29

Logwatcher’s Zenit #01: VS Code for Analysts, part 1

May 29

ThreatHunter Chronicles

Field notes from a Cybersecurity Analyst

May 26

ThreatHunter Chronicles

May 26

ThreatHunter Chronicles

ThreatHunter Chronicles

he/him

Cybersecurity and Threat Hunting Nerd. Microsoft MVP. Sharing knowledge and ideas when it comes to data parsing and investigation. Logs don't lie.

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech