PCAP Analysis Using tshark For Some Malware
1/2/2026 • 2 min readDabbling with light malware analysis. Starting with investigating the PCAP file
archive
every post, newest first.
Azure Lab Part 2: ForensicsVM & Linux Logging
12/2/2025 • 8 min readBuilding a tiny Ubuntu ForensicsVM, locking down SSH, and wiring Syslog into Log Analytics with Azure Monitor Agent. Part 2 of my Azure lab series.
Azure Lab Part 1: Tenant & Subscription Baseline
12/1/2025 • 2 min readHow I structured my personal Azure tenant, subscription, and roles to support both AZ-500 studying and a small forensics lab. Part 1
Honey-Pi Dispatch: Turning a Spare Raspberry Pi into a Cloud DFIR Beacon
9/13/2025 • 3 min readWhy I turned an idle Raspberry Pi into a honeypot that ships to Azure Log Analytics, plus the tiny set of commands/aliases I’ll actually use.
Azure + Colima: Forensics Setup Notes with Cheat Sheet
9/8/2025 • 3 min readNotes on how Azure (crime scene) and Colima/Docker (toolbox) fit together, plus a minimal cheat sheet for daily commands and setup patterns.
PGP + security.txt: Fast, Practical Notes
8/19/2025 • 4 min readOpenPGP basics, why to encrypt reports and sign what you publish, and how to cleartext-sign your security.txt.
Network Security: Foundations for SecOps
8/17/2025 • 3 min readPractical notes on segmentation, VPNs, proxies, OSI/TCP/IP, and why they matter in SecOps.
SMTP TLS Reporting (TLS-RPT)
8/16/2025 • 1 min readwhat TLS-RPT is, why it matters, and the minimal steps to enable it.
SMTP
8/15/2025 • 3 min readHow SMTP moves mail between servers and where it fits alongside IMAP/POP.
MTA-STS: Enforcing Secure Mail Delivery
8/14/2025 • 3 min readSecure SMTP delivery with strict TLS: what it is, why it exists, how to roll it out.
Email Authentication: SPF, DKIM, and DMARC
8/13/2025 • 3 min readIn-depth notes on email authentication, spoofing prevention, and policy configuration.