Introduction This is a follow up to A Little Less Malware, applying the same techniques to Linux and Windows data. There are some differences with this experiment. In the last one, we used Apple’s ...

G-Man: J. Edgar Hoover and the Making of the American Century Surf When You Can: Lessons in Life, Loyalty, and Leadership from a Maverick Navy Captain Wilmington’s Lie: The Murderous Coup of 18...

Introduction A coworker and I gave a talk at Objective by the Sea v7 on using Large Language Models (LLMs) as a behavioral detection. Another speaker, Colson, gave a great talk on why behavioral de...

Introduction After adding Kubernetes to my homelab, I wanted to learn how to hack and hunt for malicious activity involving containers. I found Kubernetes GOAT which provides a great way to practic...

Introduction I was recently catching up on some conference videos and saw a talk by Roberto Rodriguez on Empowering Security Teams with Generative AI: GPT models. This got me thinking about how to ...

I run a few services for the threat intelligence and hunting course that I teach, including CAPE, MISP, and Caldera. Last semester, I used a few VMs and Docker to provide these, but I wanted to lea...

Amazon Unbound: Jeff Bezos and the Invention of a Global Empire The Devil Never Sleeps: Learning to Live in an Age of Disasters All Blood Runs Red: The Legendary Life of Eugene Bullard―Boxer, P...

I wanted to add some phishing scenarios to my hunting homelab. I’m more concerned with being able to hunt on malicious emails than on stopping them, so DMARC, DKIM, and SPF are out of scope. If you...

This post has notes on how I added a macOS machine to my security homelab. Install macOS to Proxmox Follow this guide to install macOS onto a Proxmox cluster. This will result in an x86 based VM. ...

Bomber Mafia: A Dream, a Temptation, and the Longest Night of the Second World War Betrayal in Berlin: The True Story of the Cold War’s Most Audacious Espionage Operation Farm and Other F Words...