All Posts

The Archive

Every post, write-up, and deep-dive — searchable and filterable below.

Threat Intel Analysis

Inside a Modern Ransomware Campaign: Anatomy of a Multi-Stage Attack

A deep-dive into the infrastructure, tooling, and TTPs behind a recent ransomware campaign targeting UK-based organisations.

⏲ 14 min Read →
Pen Testing

Active Directory Misconfiguration Hunting with BloodHound

How to systematically map privilege escalation paths in enterprise AD environments using custom Cypher queries.

⏲ 10 min Read →
CTF

HackTheBox: Forest — A Complete Walkthrough

Full write-up covering Kerberoasting, AS-REP roasting, and DCSync to achieve domain compromise.

⏲ 8 min Read →
OpSec

Your VPN Isn't a Silver Bullet — The Real Privacy Stack

Breaking down misconceptions around privacy tooling and building a realistic, layered approach for 2025.

⏲ 7 min Read →
Malware

Unpacking a Loader: Static Analysis with Ghidra

Step-by-step walkthrough of a loader sample — import resolution, string obfuscation, and payload extraction.

⏲ 12 min Read →
Blue Team

Writing Effective Sigma Rules for SIEM Detection

A practical guide to authoring high-fidelity Sigma detection rules — reducing noise while catching what matters.

⏲ 9 min Read →
CTF

TryHackMe: Advent of Cyber 2024 — Selected Challenges

My write-ups for the stand-out challenges from this year's AoC, focusing on web exploitation and forensics tasks.

⏲ 11 min Read →
Threat Intel

Tracking Infrastructure: OSINT Techniques for Threat Pivoting

Using passive DNS, certificate transparency logs, and Shodan to pivot across adversary-controlled infrastructure.

⏲ 13 min Read →
Pen Testing

Web Application Testing: Beyond the OWASP Top 10

Exploring business logic flaws, race conditions, and second-order injection patterns that automated scanners miss.

⏲ 10 min Read →
Posts — Birenk
