@Cryptosrage
Security Engineer by day, Security Researcher by night
Nothing here yet.
Nothing here yet.
Oct 10, 2025 · 6 min read · The challenge provides a zip file. Download & Extract it with the PSW: BloodBreathSoulFire it gives us the project folders. You’ve been tasked with tracing the origin of the breach and uncovering the vulnerability before the anonymous adversary can...
Join discussion
Sep 16, 2025 · 1 min read · I have to rethink how I’ll approach this series using Sysmon and PowerShell queries as I was hoping to use some scripts I gathered from my OffSec labs. Sadly, after reading their ToS, I found out they do not allow the posting, sharing, or external us...
Join discussionSep 16, 2025 · 3 min read · Today’s analytic rule had be second guessing myself. For starters, I believe this was a custom rule slapped together by one of the junior analyst. The rule logic is as follows: SigninLogs | where ResultsDescription contains "Sign-in was blocked becau...
Join discussionSep 11, 2025 · 2 min read · In yesterday’s article, I went over how to create an allow list in a Sentinel Analytics query to exclude benign files. In that article, I hinted that a better solution was to create a watchlist in Sentinel to use as an allow list of safe files to avo...
Join discussionSep 10, 2025 · 7 min read · So this is going to be the beginning of a series where I document my journey into Detection Engineering. My main SIEM I’m using at this time is Microsoft Sentinel. This is a SIEM I’ve been dying to use at my old job and pitched the benefits of standi...
Join discussion