Curious about BigQuery? This tutorial will help you get started. BigQuery is a Google Cloud Platform service that provides serverless, scalable data analysis. …

Last month, I wrote a post about setting up honeypots on GCP where I stood up a low-interaction SSH honeypot. Since then, I’ve been able to log a few megabytes’ worth of unauthorized behavior. This post will report on a repeated security event targeting misconfigured MikroTik routers.

Event Behavior

The attacker logs…

Honeypots are useful tools for collecting unauthorized interactions as logs. These logs can be digested to identify new attacking techniques or observe active username/password patterns. In the context of a security team, it could provide actionable information to pre-emptively secure the studied environment.

This tutorial will discuss general SSH honeypot…

[Difficulty Level: ] [Time: ] [ Password Cracking ]

This article was written to document my solution to “Lernaean Hydra”, a retired Hack The Box web challenge created by Arrexel. This tutorial involves password cracking and a little network packet analysis.

Gather Adversarial Data using SSH-Honeypot

This article shows how to build a honeypot using Azure Portal. If you would like to learn more about honeypots before building one, read this sister article I wrote: Honeypots Explained: In the Wild and in SecOps.

Start by building a resource group. This will manage all of the…

A crash course to using `update-alternatives`

First, check the current python3 version reference with python3:

$ python3 -V
Python 3.6.9

You can have python37 output Python 3.7.x (where x is the latest version digit) using `update-alternatives`. First, install Python 3.7.

$ sudo apt-get install python3.7

To make the change, we’ll be using the tool update-alternatives. For…

A honeypot is a computer configured to be vulnerable in an attempt to log and study unauthorized interactions. Because Internet-facing systems are subject to constant automated attacks, it is important to be aware that any port open to the internet provides a bridge for outside parties to interact with your…

User and Entity Behavior Analytics (UEBA) is the analysis of user and entity behavior data to detect suspicious behaviors associated with security threats. UEBA tools establish baselines where ‘normal’ behavior can be defined and from which unique behavior can be quantified and tracked.


When unusual behavior is detected, the weight…

This article serves as a guide to installing and configuring roles on Windows 2016 servers using PowerShell.

To begin, right-click the Windows PowerShell taskbar icon and select “Run as Administrator”. To view Windows features and statuses, enter this command into the console:


To install an individual feature the following…


I enjoy researching defensive security topics.

