WiLLson ➟ 👨💻 🐍
@themeek766.bsky.social
👨🏽💻| I write about Tech, SOC workflows, SIEM alerts, threat analysis, and incident response so you can think like a blue-team analyst.
SOC insight: control connectivity, monitor everything.
Understanding the network = understanding the system.
Understanding the network = understanding the system.
January 25, 2026 at 10:55 PM
SOC insight: control connectivity, monitor everything.
Understanding the network = understanding the system.
Understanding the network = understanding the system.
𝗗𝗮𝘆 3/30 ~ 𝗜𝗣 𝗔𝗱𝗱𝗿𝗲𝘀𝘀𝗶𝗻𝗴 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
IP gives identity.
• IPv4 = limited
• IPv6 = scalable
• Public vs Private = reach vs isolation
↓
APIPA isn’t random.
It’s a failure signal.
No IP.
No communication.
IP gives identity.
• IPv4 = limited
• IPv6 = scalable
• Public vs Private = reach vs isolation
↓
APIPA isn’t random.
It’s a failure signal.
No IP.
No communication.
January 25, 2026 at 9:13 PM
𝗗𝗮𝘆 3/30 ~ 𝗜𝗣 𝗔𝗱𝗱𝗿𝗲𝘀𝘀𝗶𝗻𝗴 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
IP gives identity.
• IPv4 = limited
• IPv6 = scalable
• Public vs Private = reach vs isolation
↓
APIPA isn’t random.
It’s a failure signal.
No IP.
No communication.
IP gives identity.
• IPv4 = limited
• IPv6 = scalable
• Public vs Private = reach vs isolation
↓
APIPA isn’t random.
It’s a failure signal.
No IP.
No communication.
𝗠𝗮𝘀𝘀 𝗦𝘂𝗿𝘃𝗲𝗶𝗹𝗹𝗮𝗻𝗰𝗲 𝗙𝗿𝗼𝗺 𝗣𝘂𝗯𝗹𝗶𝗰 𝗗𝗮𝘁𝗮
An Australian researcher scraped Waze reports to link usernames to real people.
No hacking.
Just metadata correlation.
He could infer where users lived and worked.
Waze removed the exposed usernames after disclosure.
Public data adds up fast.
An Australian researcher scraped Waze reports to link usernames to real people.
No hacking.
Just metadata correlation.
He could infer where users lived and worked.
Waze removed the exposed usernames after disclosure.
Public data adds up fast.
January 25, 2026 at 1:58 PM
𝗠𝗮𝘀𝘀 𝗦𝘂𝗿𝘃𝗲𝗶𝗹𝗹𝗮𝗻𝗰𝗲 𝗙𝗿𝗼𝗺 𝗣𝘂𝗯𝗹𝗶𝗰 𝗗𝗮𝘁𝗮
An Australian researcher scraped Waze reports to link usernames to real people.
No hacking.
Just metadata correlation.
He could infer where users lived and worked.
Waze removed the exposed usernames after disclosure.
Public data adds up fast.
An Australian researcher scraped Waze reports to link usernames to real people.
No hacking.
Just metadata correlation.
He could infer where users lived and worked.
Waze removed the exposed usernames after disclosure.
Public data adds up fast.
𝗗𝗮𝘆 6/𝟭𝟬 ~ 𝗧𝗲𝘅𝘁 & 𝗦𝗵𝗲𝗹𝗹 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Logs are noise until you extract signal.
• grep, awk, pipelines → find what matters
• Shell scripts → automate, reduce errors
• Raw data → actionable info
SOC work is about turning chaos into clarity.
Automation + text-processing = operator superpowers.
Logs are noise until you extract signal.
• grep, awk, pipelines → find what matters
• Shell scripts → automate, reduce errors
• Raw data → actionable info
SOC work is about turning chaos into clarity.
Automation + text-processing = operator superpowers.
January 24, 2026 at 9:57 PM
𝗗𝗮𝘆 6/𝟭𝟬 ~ 𝗧𝗲𝘅𝘁 & 𝗦𝗵𝗲𝗹𝗹 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Logs are noise until you extract signal.
• grep, awk, pipelines → find what matters
• Shell scripts → automate, reduce errors
• Raw data → actionable info
SOC work is about turning chaos into clarity.
Automation + text-processing = operator superpowers.
Logs are noise until you extract signal.
• grep, awk, pipelines → find what matters
• Shell scripts → automate, reduce errors
• Raw data → actionable info
SOC work is about turning chaos into clarity.
Automation + text-processing = operator superpowers.
𝗗𝗮𝘆 2/30 ~ 𝗦𝘂𝗯𝗻𝗲𝘁𝘁𝗶𝗻𝗴 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
Subnetting isn’t math.
It’s organization.
• CIDR defines size
• Masks split network vs host
↓
Patterns > memorization.
Control the address space.
Control the network.
Subnetting isn’t math.
It’s organization.
• CIDR defines size
• Masks split network vs host
↓
Patterns > memorization.
Control the address space.
Control the network.
January 24, 2026 at 7:38 PM
𝗗𝗮𝘆 2/30 ~ 𝗦𝘂𝗯𝗻𝗲𝘁𝘁𝗶𝗻𝗴 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
Subnetting isn’t math.
It’s organization.
• CIDR defines size
• Masks split network vs host
↓
Patterns > memorization.
Control the address space.
Control the network.
Subnetting isn’t math.
It’s organization.
• CIDR defines size
• Masks split network vs host
↓
Patterns > memorization.
Control the address space.
Control the network.
𝗕𝗶𝘁𝗟𝗼𝗰𝗸 & 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 🔐
Microsoft gave the FBI BitLocker keys to unlock three laptops tied to a COVID relief fraud in Guam.
Lesson: Cloud-stored encryption keys can help law enforcement but they also reduce user privacy.
Encryption is strong, but not absolute.
Microsoft gave the FBI BitLocker keys to unlock three laptops tied to a COVID relief fraud in Guam.
Lesson: Cloud-stored encryption keys can help law enforcement but they also reduce user privacy.
Encryption is strong, but not absolute.
January 24, 2026 at 5:35 PM
𝗕𝗶𝘁𝗟𝗼𝗰𝗸 & 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 🔐
Microsoft gave the FBI BitLocker keys to unlock three laptops tied to a COVID relief fraud in Guam.
Lesson: Cloud-stored encryption keys can help law enforcement but they also reduce user privacy.
Encryption is strong, but not absolute.
Microsoft gave the FBI BitLocker keys to unlock three laptops tied to a COVID relief fraud in Guam.
Lesson: Cloud-stored encryption keys can help law enforcement but they also reduce user privacy.
Encryption is strong, but not absolute.
Best Youtube channel to learn any Tech skills
Agree?
Agree?
January 24, 2026 at 9:37 AM
Best Youtube channel to learn any Tech skills
Agree?
Agree?
The bigger the picture, the harder the sacrifice nobody sees.
GOOD MORNING 🌞
GOOD MORNING 🌞
January 24, 2026 at 7:01 AM
The bigger the picture, the harder the sacrifice nobody sees.
GOOD MORNING 🌞
GOOD MORNING 🌞
𝗗𝗮𝘆 1/30 ~ 𝗢𝗦𝗜 & 𝗧𝗖𝗣/𝗜𝗣 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
Networks aren’t magic.
They’re layers.
• OSI = how data should flow
• TCP/IP = how data actually flows
↓
Troubleshooting isn’t guessing.
It’s isolation.
Every issue lives at a layer.
Find the layer. Fix the problem.
Networks aren’t magic.
They’re layers.
• OSI = how data should flow
• TCP/IP = how data actually flows
↓
Troubleshooting isn’t guessing.
It’s isolation.
Every issue lives at a layer.
Find the layer. Fix the problem.
January 23, 2026 at 4:09 PM
𝗗𝗮𝘆 1/30 ~ 𝗢𝗦𝗜 & 𝗧𝗖𝗣/𝗜𝗣 𝗠𝗶𝗻𝗱𝘀𝗲𝘁 🧵
Networks aren’t magic.
They’re layers.
• OSI = how data should flow
• TCP/IP = how data actually flows
↓
Troubleshooting isn’t guessing.
It’s isolation.
Every issue lives at a layer.
Find the layer. Fix the problem.
Networks aren’t magic.
They’re layers.
• OSI = how data should flow
• TCP/IP = how data actually flows
↓
Troubleshooting isn’t guessing.
It’s isolation.
Every issue lives at a layer.
Find the layer. Fix the problem.
𝗗𝗮𝘆 5/𝟭𝟬 ~ 𝗣𝗿𝗼𝗰𝗲𝘀𝘀 & 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Linux isn’t static.
It’s alive.
• ps & top → see what’s running
• systemctl → control services
• Unexpected processes = investigation points
SOC work starts with knowing what should exist.
If you can’t see it, you can’t secure it.
Linux isn’t static.
It’s alive.
• ps & top → see what’s running
• systemctl → control services
• Unexpected processes = investigation points
SOC work starts with knowing what should exist.
If you can’t see it, you can’t secure it.
January 23, 2026 at 1:42 PM
𝗗𝗮𝘆 5/𝟭𝟬 ~ 𝗣𝗿𝗼𝗰𝗲𝘀𝘀 & 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Linux isn’t static.
It’s alive.
• ps & top → see what’s running
• systemctl → control services
• Unexpected processes = investigation points
SOC work starts with knowing what should exist.
If you can’t see it, you can’t secure it.
Linux isn’t static.
It’s alive.
• ps & top → see what’s running
• systemctl → control services
• Unexpected processes = investigation points
SOC work starts with knowing what should exist.
If you can’t see it, you can’t secure it.
Window has a hidden way to reveal your WiFi password
January 23, 2026 at 9:08 AM
Window has a hidden way to reveal your WiFi password
Cross-site scripting
January 23, 2026 at 4:53 AM
Cross-site scripting
𝗗𝗮𝘆 4/𝟭𝟬 ~ 𝗨𝘀𝗲𝗿 & 𝗚𝗿𝗼𝘂𝗽 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Accounts aren’t just names.
They’re accountability.
• Create users, manage groups → enforce least privilege
• /etc/passwd & /etc/shadow = tracking every action
• SOC work starts at the user level
Proper user & group management = foundation of secure systems.
Accounts aren’t just names.
They’re accountability.
• Create users, manage groups → enforce least privilege
• /etc/passwd & /etc/shadow = tracking every action
• SOC work starts at the user level
Proper user & group management = foundation of secure systems.
January 22, 2026 at 9:06 PM
𝗗𝗮𝘆 4/𝟭𝟬 ~ 𝗨𝘀𝗲𝗿 & 𝗚𝗿𝗼𝘂𝗽 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Accounts aren’t just names.
They’re accountability.
• Create users, manage groups → enforce least privilege
• /etc/passwd & /etc/shadow = tracking every action
• SOC work starts at the user level
Proper user & group management = foundation of secure systems.
Accounts aren’t just names.
They’re accountability.
• Create users, manage groups → enforce least privilege
• /etc/passwd & /etc/shadow = tracking every action
• SOC work starts at the user level
Proper user & group management = foundation of secure systems.
𝗞𝗮𝗹𝗶 vs 𝗨𝗯𝘂𝗻𝘁𝘂 ☠️
Kali = offensive security, pentesting, forensics
Ubuntu = servers, cloud, Blue Team
Ubuntu is hardened by default.
Kali assumes you know the risks.
Kali ships with 600+ tools.
Ubuntu can install them slowly.
Choose wisely.
Kali = offensive security, pentesting, forensics
Ubuntu = servers, cloud, Blue Team
Ubuntu is hardened by default.
Kali assumes you know the risks.
Kali ships with 600+ tools.
Ubuntu can install them slowly.
Choose wisely.
January 22, 2026 at 6:33 PM
𝗞𝗮𝗹𝗶 vs 𝗨𝗯𝘂𝗻𝘁𝘂 ☠️
Kali = offensive security, pentesting, forensics
Ubuntu = servers, cloud, Blue Team
Ubuntu is hardened by default.
Kali assumes you know the risks.
Kali ships with 600+ tools.
Ubuntu can install them slowly.
Choose wisely.
Kali = offensive security, pentesting, forensics
Ubuntu = servers, cloud, Blue Team
Ubuntu is hardened by default.
Kali assumes you know the risks.
Kali ships with 600+ tools.
Ubuntu can install them slowly.
Choose wisely.
𝗗𝗮𝘆 0/𝟯𝟬 ~ 𝗡𝗲𝘁+ 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Starting from zero is uncomfortable.
That’s where growth starts.
• Study space + routine → consistency
• CompTIA tests understanding, not memory
• OSI & TCP/IP = troubleshooting language
Progress > perfection.
Build the fundamentals. The rest compounds.
Starting from zero is uncomfortable.
That’s where growth starts.
• Study space + routine → consistency
• CompTIA tests understanding, not memory
• OSI & TCP/IP = troubleshooting language
Progress > perfection.
Build the fundamentals. The rest compounds.
January 22, 2026 at 12:08 PM
𝗗𝗮𝘆 0/𝟯𝟬 ~ 𝗡𝗲𝘁+ 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Starting from zero is uncomfortable.
That’s where growth starts.
• Study space + routine → consistency
• CompTIA tests understanding, not memory
• OSI & TCP/IP = troubleshooting language
Progress > perfection.
Build the fundamentals. The rest compounds.
Starting from zero is uncomfortable.
That’s where growth starts.
• Study space + routine → consistency
• CompTIA tests understanding, not memory
• OSI & TCP/IP = troubleshooting language
Progress > perfection.
Build the fundamentals. The rest compounds.
𝗧𝗵𝗲 𝗧𝗲𝗲𝗻 𝗪𝗵𝗼 𝗛𝗮𝗰𝗸𝗲𝗱 𝗡𝗔𝗦𝗔
At 15, Jonathan James hacked NASA and DoD.
No exploits. Just weak security.
He panicked and turned himself in.
Avoided prison not consequences.
Curiosity has limits.
Pressure can last a lifetime.
At 15, Jonathan James hacked NASA and DoD.
No exploits. Just weak security.
He panicked and turned himself in.
Avoided prison not consequences.
Curiosity has limits.
Pressure can last a lifetime.
January 22, 2026 at 7:15 AM
𝗧𝗵𝗲 𝗧𝗲𝗲𝗻 𝗪𝗵𝗼 𝗛𝗮𝗰𝗸𝗲𝗱 𝗡𝗔𝗦𝗔
At 15, Jonathan James hacked NASA and DoD.
No exploits. Just weak security.
He panicked and turned himself in.
Avoided prison not consequences.
Curiosity has limits.
Pressure can last a lifetime.
At 15, Jonathan James hacked NASA and DoD.
No exploits. Just weak security.
He panicked and turned himself in.
Avoided prison not consequences.
Curiosity has limits.
Pressure can last a lifetime.
𝗗𝗮𝘆 3/𝟭𝟬 ~ 𝗣𝗲𝗿𝗺𝗶𝘀𝘀𝗶𝗼𝗻𝘀 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Permissions aren’t hurdles.
They’re defense.
• chmod & chown → enforce least privilege
• umask & SUID → subtle control points
• Ownership = risk management
SOC work starts at the filesystem level.
One bit can protect or expose everything.
Permissions aren’t hurdles.
They’re defense.
• chmod & chown → enforce least privilege
• umask & SUID → subtle control points
• Ownership = risk management
SOC work starts at the filesystem level.
One bit can protect or expose everything.
January 21, 2026 at 9:59 PM
𝗗𝗮𝘆 3/𝟭𝟬 ~ 𝗣𝗲𝗿𝗺𝗶𝘀𝘀𝗶𝗼𝗻𝘀 𝗠𝗶𝗻𝗱𝘀𝗲𝘁
Permissions aren’t hurdles.
They’re defense.
• chmod & chown → enforce least privilege
• umask & SUID → subtle control points
• Ownership = risk management
SOC work starts at the filesystem level.
One bit can protect or expose everything.
Permissions aren’t hurdles.
They’re defense.
• chmod & chown → enforce least privilege
• umask & SUID → subtle control points
• Ownership = risk management
SOC work starts at the filesystem level.
One bit can protect or expose everything.
SOC work depends on knowing where data lives.
You can’t protect what you can’t locate.
You can’t protect what you can’t locate.
January 20, 2026 at 12:51 PM
SOC work depends on knowing where data lives.
You can’t protect what you can’t locate.
You can’t protect what you can’t locate.
𝗔𝗰𝗰𝗼𝘂𝗻𝘁 𝗧𝗮𝗸𝗲𝗼𝘃𝗲𝗿𝘀 & 𝗦𝗼𝗰𝗶𝗮𝗹 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗥𝗲𝗮𝗹𝗶𝘁𝘆
Most accounts aren’t “hacked.”
Access is handed over.
Fake login pages.
Cloned sites.
“Verify your account” messages.
Once creds are entered, the attacker logs in like a normal user.
No exploit. Just trust abused.
Most accounts aren’t “hacked.”
Access is handed over.
Fake login pages.
Cloned sites.
“Verify your account” messages.
Once creds are entered, the attacker logs in like a normal user.
No exploit. Just trust abused.
January 20, 2026 at 9:10 AM
𝗔𝗰𝗰𝗼𝘂𝗻𝘁 𝗧𝗮𝗸𝗲𝗼𝘃𝗲𝗿𝘀 & 𝗦𝗼𝗰𝗶𝗮𝗹 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗥𝗲𝗮𝗹𝗶𝘁𝘆
Most accounts aren’t “hacked.”
Access is handed over.
Fake login pages.
Cloned sites.
“Verify your account” messages.
Once creds are entered, the attacker logs in like a normal user.
No exploit. Just trust abused.
Most accounts aren’t “hacked.”
Access is handed over.
Fake login pages.
Cloned sites.
“Verify your account” messages.
Once creds are entered, the attacker logs in like a normal user.
No exploit. Just trust abused.
~ 𝗕𝗮𝗿𝗰𝗼𝗱𝗲𝘀
Barcodes aren’t random numbers.
They’re structured data for machines.
If a system reads it, trusts it, or automates around it
it can be exploited.
Security starts with understanding structure, not symbols.
Barcodes aren’t random numbers.
They’re structured data for machines.
If a system reads it, trusts it, or automates around it
it can be exploited.
Security starts with understanding structure, not symbols.
January 20, 2026 at 1:47 AM
~ 𝗕𝗮𝗿𝗰𝗼𝗱𝗲𝘀
Barcodes aren’t random numbers.
They’re structured data for machines.
If a system reads it, trusts it, or automates around it
it can be exploited.
Security starts with understanding structure, not symbols.
Barcodes aren’t random numbers.
They’re structured data for machines.
If a system reads it, trusts it, or automates around it
it can be exploited.
Security starts with understanding structure, not symbols.
The CLI isn’t scary.
It’s the foundation of Linux, cloud, and SOC work
It’s the foundation of Linux, cloud, and SOC work
January 19, 2026 at 9:01 PM
The CLI isn’t scary.
It’s the foundation of Linux, cloud, and SOC work
It’s the foundation of Linux, cloud, and SOC work
𝗢𝗽𝗲𝗻-𝗦𝗼𝘂𝗿𝗰𝗲 𝗔𝘁𝘁𝗮𝗰𝗸 𝗦𝘂𝗿𝗳𝗮𝗰𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁
You can’t defend what you can’t see.
This platform helps security teams:
• Discover external assets
• Monitor exposure changes
• Identify attack paths early
Built for visibility-first security.
Know your surface before attackers do.
You can’t defend what you can’t see.
This platform helps security teams:
• Discover external assets
• Monitor exposure changes
• Identify attack paths early
Built for visibility-first security.
Know your surface before attackers do.
January 19, 2026 at 4:57 PM
𝗢𝗽𝗲𝗻-𝗦𝗼𝘂𝗿𝗰𝗲 𝗔𝘁𝘁𝗮𝗰𝗸 𝗦𝘂𝗿𝗳𝗮𝗰𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁
You can’t defend what you can’t see.
This platform helps security teams:
• Discover external assets
• Monitor exposure changes
• Identify attack paths early
Built for visibility-first security.
Know your surface before attackers do.
You can’t defend what you can’t see.
This platform helps security teams:
• Discover external assets
• Monitor exposure changes
• Identify attack paths early
Built for visibility-first security.
Know your surface before attackers do.
Structure first. Every command, script, investigation flows smoother.
SOC work starts with discipline, not drama.
SOC work starts with discipline, not drama.
January 18, 2026 at 8:57 PM
Structure first. Every command, script, investigation flows smoother.
SOC work starts with discipline, not drama.
SOC work starts with discipline, not drama.
𝗨𝗯𝘂𝗻𝘁𝘂 𝗼𝗻 𝗨𝗧𝗠
I’ve used Kali Linux for a while, so installing Ubuntu seemed easy. I failed twice rushing caused mistakes. After slowing down, setting RAM, network, and architecture properly, I finally got it working. Patience + hands-on practice = mastery.
I’ve used Kali Linux for a while, so installing Ubuntu seemed easy. I failed twice rushing caused mistakes. After slowing down, setting RAM, network, and architecture properly, I finally got it working. Patience + hands-on practice = mastery.
January 18, 2026 at 1:30 AM
𝗨𝗯𝘂𝗻𝘁𝘂 𝗼𝗻 𝗨𝗧𝗠
I’ve used Kali Linux for a while, so installing Ubuntu seemed easy. I failed twice rushing caused mistakes. After slowing down, setting RAM, network, and architecture properly, I finally got it working. Patience + hands-on practice = mastery.
I’ve used Kali Linux for a while, so installing Ubuntu seemed easy. I failed twice rushing caused mistakes. After slowing down, setting RAM, network, and architecture properly, I finally got it working. Patience + hands-on practice = mastery.