heyosj@inf0stache


Field Notes

Short technical write-ups, working notes, and reference material from active investigations and research.


PDF Phishing Triage

2/21/2026 • 3 min read

Static-first checklist to quickly classify phishing PDFs, extract redirects, and identify exploit indicators.

PCAP Analysis Using tshark For Some Malware

1/2/2026 • 2 min read

Dabbling with light malware analysis, starting with investigating the PCAP file.

Azure Lab Part 2: ForensicsVM & Linux Logging

12/2/2025 • 8 min read

Building a tiny Ubuntu ForensicsVM, locking down SSH, and wiring Syslog into Log Analytics with Azure Monitor Agent. Part 2 of my Azure lab series.

Azure Lab Part 1: Tenant & Subscription Baseline

12/1/2025 • 2 min read

How I structured my personal Azure tenant, subscription, and roles to support both AZ-500 studying and a small forensics lab. Part 1.

Honey-Pi Notes: Turning a Spare Raspberry Pi into a Cloud DFIR Beacon

9/13/2025 • 3 min read

Why I turned an idle Raspberry Pi into a honeypot that ships to Azure Log Analytics, plus the tiny set of commands/aliases I’ll actually use.

© 2026 osj