Jaewook Jung · inwoogi.me · Jun 23 · 9 min read
Malware Analysis Fundamentals
When a hash hits VirusTotal with one detection out of seventy, that's not enough to call it malicious. When it hits zero, that's also not enough to call it clean. Malware analysis is the work that fil…

Jaewook Jung · inwoogi.me · Jun 6 · 8 min read
Threat Hunting Methodology
Most security tools are reactive. Alerts fire after a rule matches, and analysts triage. Threat hunting flips that: you assume something has already evaded the tools, and you go look for it. This post…

Jaewook Jung · inwoogi.me · May 25 · 8 min read
Wireshark: Traffic Analysis for IR
When a Snort alert fires or a NetFlow anomaly surfaces, the next question is always the same: what actually happened on the wire? Wireshark is the answer most blue teamers reach for. This post is a wo…

Jaewook Jung · inwoogi.me · May 18 · 7 min read
Network Security: IDS/IPS and Snort
Network defense splits cleanly into two questions: what gets through the perimeter, and what do you do when something does? This post covers the second question. IDS, IPS, the detection techniques beh…

Jaewook Jung · inwoogi.me · May 16 · 9 min read
From FIX Sessions to SIEM Alerts: A Pre-SOC Career on the Trading Desk
I'm not a SOC analyst yet. I'm a Master of Cybersecurity student at RMIT, transitioning from a four-year career on a Korean securities trading desk where I owned the FIX-protocol connections to overse…