The Azure Lab Diaries - Hunting Common File Transfer Activity

In this blog, we explore how to detect and investigate file transfer activities, including FTP uploads/downloads, Impacket SMB interactions, and LOLBin abuse, with a focus on MDE telemetry.
Ready to move beyond just reading about cybersecurity and actually start building your skills? In this hands-on guide, you’ll learn how to set up your own attack and defense lab using Azure Arc, without draining your wallet. We’ll walk through connecting your on-prem Active Directory to the cloud and deploying Microsoft Sentinel to monitor key security and Sysmon logs. It’s a practical, hybrid environment where you’ll gain real-world experience. Let’s get to work.
In this blog, I break down the game I made for Bsides Amman’s Game Hacking Village, how it was meant to be hacked, where the flags were hidden, and what we can learn about reverse engineering in Godot.
In this blog, you'll learn how to build a Logic App that automatically sends email notifications when a Microsoft Sentinel incident is triggered. This guide will show you how to make your alerting smarter, faster, and far less manual, all with a bit of Azure magic.
In this blog post, I'll not only explain how to solve the challenge but also explain the algorithm itself, what it is, and why we often see it used in malware binaries.
In this blog, we explore how to go from raw logs to clean queries using Azure Data Explorer.