Writing
Notes on DFIR, threat intelligence, detection engineering, and security automation.
Automating DFIR Triage with KAPE and Timeline Analysis
Building a pipeline from triage collection to interactive timeline.
Volatility Module Auto-Parser for Linux Memory Images
Automating the painful parts of Linux memory forensics.
Building a CTI Enrichment Pipeline: From Reports to Detection
End-to-end IoC extraction, enrichment, and detection deployment.