Defence blues

An investigation with Splunk + CKC

Red tradecraft
Privacy greenhouse
Purple crossroads
Indigo observatory
Contact

Initializing search

Defence blues

Blue team @Home
Servers without a security team
Honeytech for humans
Blue team for dev
OT and ICS security
Counter moves
Golem Trust Computing Ltd.
Department of Silent Stability
The Home for Bewildered Beasts of Legend
Archive
Archive
- Digital forensics and incident response
- Network traffic analysis
- Security information and event management
  Security information and event management
  - SIEM and threat intelligence/hunting notes
  - An investigation with Splunk + CKC
    
    An investigation with Splunk + CKC
    
    Splunk investigation walkthrough
    
    I am really not batman
    
    Reconnaissance phase
    
    Exploitation phase
    
    Installation phase
    
    Action on objectives
    
    Command and control phase
    
    Weaponisation phase
    
    Delivery phase
  - An investigation with Splunk + CKC An investigation with Splunk + CKC
    Table of contents
    
    Splunk investigation walkthrough
    
    I am really not batman
    
    Reconnaissance phase
    
    Exploitation phase
    
    Installation phase
    
    Action on objectives
    
    Command and control phase
    
    Weaponisation phase
    
    Delivery phase
  - TryHackMe rooms
  - Puzzles @Cyberdefenders
  - Boss of the SOC v2
  - Big-Picture view of current real-world attacks
- Cryptanalysis
- Reverse engineering
- Steganography

An investigation with Splunk + CKC¶

The only marathon where the finish line is a .conf file.

Splunk investigation walkthrough
I am really not batman
Reconnaissance phase
Exploitation phase
Installation phase
Action on objectives
Command and control phase
Weaponisation phase
Delivery phase

2026-05-27 11:27

© Copyright 2026, TyMyrddin.

Created using Sphinx 7.2.6. and Sphinx-Immaterial

Made with love in the Unseen University, 2026, with a forest garden fostered by /ut7