
CVE-2025-24893
CVE-2025-24893 — XWiki Groovy Macro RCE Net.Doge & Infinit3i CVE-2025-24893 is a remote code execution vulnerability affecting XWiki, caused by improper sandboxing when Groovy macros are ...

Detection rules are scattered, duplicated, and unmanaged once scale is introduced. Sigma, YARA, Suricata, and Splunk rules exist across hundreds of repositories, often rewritten with small cosmetic...

Agent Tesla is a remote access trojan (RAT) written in .NET that has been actively targeting users with Microsoft Windows OS-based systems since 2014. It is a versatile malware with a wide range of...

GMON was a very different experience compared to my previous certifications. After completing GCFA, I felt far more confident in my ability to learn and apply advanced material, so I approached GMO...

Godzilla is a stealth-focused webshell management framework widely used for maintaining persistent access to compromised web servers. It supports multiple server-side languages and enables attacke...

Defensive Rules I wanted this to be a place where I could save my detection rules that were custom to better find what I didn’t see of abundance. Defensive Rules is a curated collection of Sigma ...

LummaStealer, also known as LummaC2, is an information stealer offered through a malware-as-a-service model on Russian-speaking forums since at least August 2022. It is commonly delivered through p...

IOC-Detections — Threat Hunting & IOCs Collection IOC-Detections is a curated repository of Indicators of Compromise (IOCs), detection logic, and investigative notes assembled through active r...
I completed Splunk Cluster Administration training on February 13, 2025. The course focused on running Splunk at scale and understanding how the platform behaves in real distributed environments. ...

Earth Alux is a China-linked cyber espionage group observed targeting government, industrial, and technology sectors. The group deploys modular toolkits and web shells, and has demonstrated fileles...

HUNT-AI — Threat Hunting Artificial Intelligence HUNT-AI is a threat hunting platform designed to help analysts structure, track, and execute investigations more effectively. The project focuses o...

GCFA was the certification I spent the most time on and the one that helped me the most as a threat hunter and incident responder. More than any other exam, it changed how I approach investigations...
Start Me I created this Start.me page to help my team in the Marine Corps. I wanted one place where people could learn and grow. This page is built to support IT, SOC analysts, incident...

Tycoon 2FA is an Adversary-in-the-Middle (AiTM) phishing kit sold as phishing-as-a-service (PhaaS). It targets Microsoft 365 and Gmail by proxying legitimate login flows to intercept credentials an...

Pursuing my master’s degree sharpened more than my writing ability. It trained me to communicate complex ideas with clarity. I learned how to structure papers to persuade informed audiences and how...
I built an OpenSSH honeypot on Unraid to observe and control real-world attacker behavior hitting exposed services. The goal was not just to block access, but to study how automated and manual intr...
I completed the Red Team Operator course on May 13, 2024. The course focused on the Marine Corps approach to red teaming and offensive operations, emphasizing disciplined tradecraft and operational...
Cyber Nerd Discord Bot The Cyber Nerd Discord Bot is an interactive cybersecurity learning bot designed to continuously challenge and educate users through daily questions, live updates, and autom...

GCIH was a beast for me. Going into this exam, I was extremely stressed. Everyone I talked to said SANS certifications were the hardest out there and that they would test the full depth of your kno...

I completed SecurityX on February 23, 2024, and this exam was huge for me. This was the first certification where I put the full weight of everything I knew into preparation. Focus on the Exam...