Citadel Cybersec
citadelcysec.bsky.social
Cybersecurity Analyst | SAL1 | BTL1 | Security+ | TryHackMe | 💼 Available for Hire
I’ve just published a deep dive into my experience with Advent of Cyber 🖥️🎄. If you're passionate about cybersecurity or just looking to learn more about this awesome event, my comprehensive review breaks it all down.

#CyberSecurity #AdventOfCyber #TechCommunity #Infosec #TryHackMe
My First Advent of Cyber: A Comprehensive Review
As this was my first time participating in Advent of Cyber, I must say I’m quite impressed. While it is described as beginner-friendly, it…
medium.com
December 25, 2025 at 12:20 PM
How can Splunk SIEM be used to detect and analyze a DDoS attack? Check my writeup:

• Identifying malicious URIs
• Detecting botnet traffic
• Analyzing user agents
• Visualizing attack peaks with timechart

#Cybersecurity #Splunk #SIEM #DDoS #TryHackMe
Leveraging Splunk SIEM to Detect DoS Attacks
TryHackMe Detecting Web DDoS Room, Task 5 Practical Exercise
medium.com
December 24, 2025 at 4:39 PM
🔍 New write-up: Detecting ICMP & DNS tunneling and analyzing FTP cleartext attacks using Wireshark.

Step-by-step investigation of real PCAPs, filters, and attacker behavior

#Cybersecurity #Wireshark #BlueTeam #NetworkSecurity #ThreatDetection
Wireshark Traffic Analysis: DNS and ICMP Traffic Tunneling & FTP Cleartext Protocol Analysis
A TryHackMe Practical Exercise Writeup
medium.com
December 22, 2025 at 5:36 PM
"The more the storm, the more the strength."
Douglas Malloch
December 22, 2025 at 5:26 PM
Just published! A new Medium deep-dive on using Splunk and perimeter logs to reconstruct an attack from start to finish. If you want to strengthen your incident response skills, this breakdown has everything.

#CyberSecurity #Splunk #IncidentResponse #DFIR #NetworkSecurity
Splunk Incident Response: Reconstructing an Attack Using Perimeter Logs
TryHackMe — Network Security Essentials (Task 7 Practical Exercise)
medium.com
December 10, 2025 at 4:59 PM
Just published a new Medium article on Wireshark Traffic Analysis!

Struggling to identify hosts or decode network behavior? I break down DHCP, NetBIOS, and Kerberos traffic with clear examples to level up your packet analysis skills. 👇

#Wireshark #CyberSecurity #NetworkSecurity
Wireshark Traffic Analysis: Identifying Hosts: DHCP, NetBIOS and Kerberos
A TryHackMe Practical Exercise Writeup
medium.com
December 10, 2025 at 4:56 PM
New TryHackMe write‑up!

Wireshark Traffic Analysis: ARP Poisoning and MITM.

If you're into network forensics or enjoy dissecting hostile traffic, you’ll appreciate this one.

#Wireshark #ARP #MITM
Wireshark Traffic Analysis: ARP Poisoning & Man In The Middle
A TryHackMe Practical Exercise Writeup
medium.com
December 4, 2025 at 11:38 AM
Check out my latest article on using Brim for threat hunting! From investigating CobaltStrike to detecting crypto mining—learn how to efficiently analyze network traffic and respond to real-world threats.

#Cybersecurity #ThreatHunting #Brim
Searching, Filtering, and Correlation: Threat Hunting with Brim
TryHackMe Brim Room Write-up
medium.com
December 4, 2025 at 11:15 AM
I have recently published my latest writeup:
"Cloud-based Threat Detection with Splunk"

Check how I solved Rotten Cloud Investigation in Blue Team Labs Online (Halloween 2025 Special Event) 👇

#BTLO #Splunk #ThreatDetection
Cloud-based Threat Detection with Splunk
Solving Rotten Cloud Investigation — Blue Team Labs Online (Halloween 2025 Special Event)
medium.com
November 27, 2025 at 11:54 AM
In my new article I break down how to analyze Nmap scans using Wireshark, with clear examples and packet insights.
Check it out 👉 medium.com/@citadelcybe...

#Cybersecurity #NetworkAnalysis #Wireshark
Wireshark Traffic Analysis: Nmap Scans
Investigating a .pcap file to analyze a suspected Nmap scan using Wireshark. A practical TryHackMe exercise.
medium.com
November 24, 2025 at 3:33 PM
A good refresher of what I learnt in CompTIA Security+ concerning Web Application Security, and including some cool practical exercises.

#TryHackMe #OWASP #cybersecurity
November 24, 2025 at 3:09 PM
Investigating a vast, malicious email & URL phishing campaign! This is how attackers are targeting individuals & organizations.

Learn the techniques they use to bypass security measures👇
#Phishing #DFIR #Cybersecurity
Exposing a Vast Phishing Campaign by Probing Malicious Emails and URLs
TryHackMe Snapped Phish-ing Line Room Write‑Up
medium.com
November 21, 2025 at 12:01 PM
How can the Elastic Stack (ELK) supercharge your SOC log investigations? 🔍
Check my detailed THM writeup on using #ElasticSearch for SIEM analysis & incident response!

#Cybersecurity #SOC #ElasticStack
Elastic Stack (ELK) for SOC Log Investigations
TryHackMe Elastic Stack: The Basics, Tasks 4 and 5 Writeup
medium.com
November 17, 2025 at 6:09 PM
Competent with #Wireshark & Packet Analysis
#tryhackme
November 17, 2025 at 6:02 PM
I uncover data hidden in network traffic, from identifying device information to analyzing anomalous behaviors in my new write-up “Network Forensics with NetworkMiner”.

#CyberSecurity #NetworkForensics #DFIR #PCAP #NetworkMiner
Network Forensics with NetworkMiner
Investigating PCAP files in TryHackMe’s NetworkMiner Room: Tool Overview 2
medium.com
November 14, 2025 at 6:01 PM
How the new TryHackMe approaches the SOC Level 1 path to the real-world Security Analyst role: From lots of general tooling to specific SIEM and detection!

#TryHackMe #SOC #BlueTeam
The new TryHackMe SOC Level 1 Path
Now getting ready for the job got even better
medium.com
November 12, 2025 at 10:58 AM
TryHackMe’s Live Attacks challenge plus Snort → hands-on IDS rule writing and real-time detection. I walked the labs and share the exact rules I used.

#TryHackMe #IDS #Snort
Mastering Snort: Stopping Real-Time Attacks from the TryHackMe “Live Attacks” Challenge
Learn how to detect and block brute-force and reverse shell attacks using Snort IDS/IPS — step-by-step, hands-on, and beginner-friendly.
medium.com
November 12, 2025 at 10:56 AM
Network Forensics with NetworkMiner — Investigating PCAP files in TryHackMe’s NetworkMiner Overview 1 Room.

I walk through host discovery, credential extraction, and identifying potential indicators of compromise.

#CyberSecurity #DigitalForensics #TryHackMe #NetworkMiner #InfoSec
Network Forensics with NetworkMiner
Investigating PCAP files in TryHackMe’s NetworkMiner Overview 1 Room
medium.com
November 7, 2025 at 10:53 AM
Find out how real-world intrusion detection works with my detailed Snort Challenge walkthrough. From writing rules to spotting exploits; a really comprehensive exercise.
#Cybersecurity #IDS #Snort #TryHackMe
Snort Challenge — The Basics Write-Up
Practicing IDS rule creation, syntax debugging, and exploit detection in TryHackMe
medium.com
November 6, 2025 at 11:32 AM