Feb 12, 2026 1 min Updated Feb 12, 2026
Practical Tagging for Research Notes
A low-friction tagging approach for a personal knowledgebase that still scales.
workflow notes detection
Latest posts
Notes, writeups, and detection engineering patterns.
Feb 01, 2026 1 min Updated Feb 10, 2026
The Quiet Drift of Evidence
Notes on preserving investigative signal while your timeline is still forming.
dfir methodology timelines
Cheatsheets
Compact, copy-friendly references for field work.
Feb 15, 2026 Updated Feb 15, 2026
Linux Triage Commands
Practical commands for fast on-host triage during IR.
Linux linux dfir triage
Feb 15, 2026 Updated Feb 15, 2026
Windows Event Logs Quick Map
A compact map of high-signal Windows logs for hunting and triage.
Windows windows telemetry detection
Focus now
Building compact detection notes, triage workflows, and practical mappings between telemetry and adversary behavior.