The books I read in 2025
Ghosts of Honolulu: A Japanese Spy, A Japanese American Spy Hunter, and the Untold Story of Pearl Harbor Cadillac Desert: The American West and Its Disappearing Water, Revised Edition The Unit:...
Way back in 2021 when I was working on my dissertation I used a Python library called macholibre to parse Mach-O files. There are several other options for parsing these file types. I’m sure they’r...
Introduction This is a follow up to A Little Less Malware, applying the same techniques to Linux and Windows data. There are some differences with this experiment. In the last one, we used Apple’s ...
G-Man: J. Edgar Hoover and the Making of the American Century Surf When You Can: Lessons in Life, Loyalty, and Leadership from a Maverick Navy Captain Wilmington’s Lie: The Murderous Coup of 18...
Introduction A coworker and I gave a talk at Objective by the Sea v7 on using Large Language Models (LLMs) as a behavioral detection. Another speaker, Colson, gave a great talk on why behavioral de...
Introduction After adding Kubernetes to my homelab, I wanted to learn how to hack and hunt for malicious activity involving containers. I found Kubernetes GOAT which provides a great way to practic...
Introduction I was recently catching up on some conference videos and saw a talk by Roberto Rodriguez on Empowering Security Teams with Generative AI: GPT models. This got me thinking about how to ...
I run a few services for the threat intelligence and hunting course that I teach, including CAPE, MISP, and Caldera. Last semester, I used a few VMs and Docker to provide these, but I wanted to lea...
Amazon Unbound: Jeff Bezos and the Invention of a Global Empire The Devil Never Sleeps: Learning to Live in an Age of Disasters All Blood Runs Red: The Legendary Life of Eugene Bullard―Boxer, P...
I wanted to add some phishing scenarios to my hunting homelab. I’m more concerned with being able to hunt on malicious emails than on stopping them, so DMARC, DKIM, and SPF are out of scope. If you...