Sleep Data Tracking: 10-Week Follow-Up

Back in January, I kicked off an experiment to track my sleep with my Apple Watch Series 10, hoping to improve my rest and boost my deep sleep - the stage that is supposed to leave you feeling rejuvenated. My first night’s data (6 hours 52 minutes, 24.76% REM, 64.32% core, 8.74% deep, 2.18% awake) set the baseline, and I planned to check my progress after three months....

April 11, 2025

Hack The Box: Starting Point (Meow) - Beating Your First Box!

Hack The Box Starting Point - Meow Walkthrough. Welcome to the first post in my Hack The Box Starting Point series! This series will cover the beginner-friendly machines in Hack The Box’s Starting Point track, designed to help newcomers learn the basics of penetration testing. Today, we’re tackling Meow, a straightforward machine that introduces key concepts like VPN connections, port scanning, and basic service enumeration. This walkthrough covers everything from setting up your hacking environment to finding your first ever flag!...

March 10, 2025

RE2 in Kusto: The Regular Expression Cheat Sheet

RE2 in Kusto. If you work with Kusto (Azure Data Explorer), you’re inevitably going to find yourself needing regular expressions. As someone who writes Kusto queries daily in security operations, I’ve developed a love-hate relationship with RE2 regex in KQL. It’s so powerful, but can be difficult to get your head around. This is my personal cheat sheet that I refer to, and I hope it saves you some time too....

March 2, 2025

Analysing a Malware Sample on ANY.RUN

This guide provides step-by-step instructions on how to analyse a malware sample on ANY.RUN. By following these steps, users can navigate the platform, search for existing malware samples, view connections and network traffic, collect IOCs, and gather more information about the threat. Navigate to ANY.RUN: Go to ANY.RUN. Public Tasks: Click “Public tasks” to view the public directory and submissions from the community. Filter by Tag, Hash, or IOCs: Click here to filter by tag, hash, or other IOCs....

February 21, 2025

Sleep Data Tracking

Analysing My First Night of Sleep with Apple Watch. I recently decided to track my sleep using my Apple Watch (Series 10) because I thought it would be interesting. I plan to compare this data to my average sleep health in 3 months to see any progress. Here’s a breakdown of my sleep stages and a comparison to optimal sleep ratios. My Sleep Data: Time Slept: 01:09 AM - 08:01 AM. Total Sleep Time: 6 hours 52 minutes. Breakdown: REM Sleep: 1 hour 42 minutes (24....

February 5, 2025

Bash Scripting Cheat Sheet: A Practical Guide

I found myself doing the same tasks over and over again at work, and decided it was time to properly learn some bash scripting. Here’s my personal cheat sheet with the commands and patterns I actually use. The Basics: Variables and Output. The building blocks of any script start with variables and displaying information. Nothing fancy, but you’ll use these constantly. Defining a Variable: name="Lewis". Pro tip: Bash is extremely picky about spaces....

February 3, 2025

Kusto Query Hints and Strategies

When you’re working with a large volume of log data, query performance becomes more important. If you’ve ever stared at a loading screen while your Kusto query slowly runs in the background, this post is for you. Alternatively, if you grab a cup of tea while your query is running, you’re probably okay to not bother reading this. However, these are some performance hints I actually use (sometimes), not just theoretical optimisations....

January 27, 2025

Kusto Detective Agency - Season 1 Walkthrough

Walkthrough of answers for Kusto Detective Agency Season 1. Welcome to the Kusto Detective Agency! This blog post provides a walkthrough for the Season 1 challenges, with the Kusto query answers hidden in collapsible sections so you can try to solve the challenges yourself first. Hints: if you get stuck, remember to refer to the hints in this answer sheet and in Kusto Detective Agency before checking the answers!...

January 16, 2025

Phobos Ransomware Impersonating Vx-Underground

Introduction. Phobos ransomware has previously been observed impersonating the well-known malware research community Vx-Underground. Initial access methods for Phobos are varied, but it is known to exploit software vulnerabilities, launch phishing campaigns to spread malicious payloads, and access hosts through external services such as brute-forcing RDP. Despite its significant operational impact, with Phobos accounting for a notable 4% of all submissions to the ID Ransomware service in 2023, it hasn’t achieved the notoriety of other Ransomware-as-a-Service (RaaS) operations like Lockbit or REvil....

January 6, 2025

Malware Analysis: AgentTesla and ZGRat

This post details my analysis of AgentTesla and ZGRat malware samples, examining their behaviour, capabilities, and the indicators of compromise they leave behind. Overview: The analysis revealed a sophisticated malware operation using both AgentTesla and ZGRat, with data exfiltration capabilities and persistence mechanisms. The malware authors implemented various techniques to evade detection while harvesting sensitive information from infected systems. Configuration Analysis: The configuration analysis revealed SMTP credentials likely used for exfiltrating data:...

December 15, 2024