Wazuh Engineering Series | Part 1: Architecture & Deployment
Deep dive into Wazuh SIEM architecture - from All-in-One to Production Cluster. Based on real Mini SOC experience.
Why I Built This Environment The real test of a SOC environment is not whether the tools install successfully. It is whether telemetry moves through the architecture cleanly enough to support inve...
Introduction After a period of absence focused on studying and sharpening my skills, I’m back. I recently competed in a cybersecurity CTF and proudly secured 2nd place. It was a great experience,...
Scenario A high-profile corporation that manages critical data and services across diverse industries has reported a significant security incident. Recently their network has been impacted by a su...
PacketMaze Lab — Network Forensics Writeup Scenario A company’s internal server has been flagged for unusual network activity, with multiple outbound connections to an unknown external IP. Initial...
XLMRat (AsyncRAT) — Network Forensics Writeup Scenario A compromised machine was flagged due to suspicious network traffic. The objective of this analysis is to investigate the attack method, id...