This is my personal collection of ideas, essays, notes, analysis, insights and stories collected into a single place. Some are published on other sites, some were published long ago, some have never been published except for right here. If you have stumbled on this, I hope something I have shared gives you a new insight or idea to take your work further. I have licensed this under the Creative Commons so that others can copy and share, take what works, and leave the rest.
Some of this content is written for an audience; some are just my notes, and some are in between. Many of these works are best thought of as works in progress; I'd rather write something down than nothing, but they aren't necessarily complete. Again, take it for what you will and, most notably, they are just the opinions of a single person who has enjoyed the fun and challenge of working in security and threat intelligence but is certainly not an expert. Some of the content veers in totally different directions to my other special interests like running, philosophy, and random analysis problems.
Why don't I just publish this all on WordPress, Medium, LinkedIn or some other site? Personally, I don't trust companies to be stewards of content, fair in their application of policies, or offer any form of due process for disputes. By having a local git repo, published to GitHub, I can preserve copies on multiple machines and avoid worries of having an account suspended due to an AI algorithm detecting it as unwanted and having no recourse to get my content back. I don't want to or care about making money from this content, and I also don't need the likes; I use these platforms to share in a way that might reach people who will find it useful.
Here are a few of the published works that closely mirror the content here:
- The Mistaken Powdesk Threat Intel
- Omnipotent adversary fallacy — should you give up your asymmetric advantages in cyber threat intel?
- Common Cyber Threat Intel Biases
- LinkedIn GAN Network Analysis
- YARA hunting in ancient civilizations
- Pragmatic Detection of GAN Profiles
- Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code (Ch 8)
- Cyber Fraud Tactics, Techniques and Procedures (Ch 10, 12)
Sometimes I share copies of content that contains copyrights, company logos and non-public stories about working at different companies. To the best of my knowledge the information I share does not violate any NDA, copyright or other protection of the works. I leverage content that has been presented publicly, can be second sourced or represents my personal experiences. In some cases, I have secured permission to share and have done my best to honor all past obligations for confidentiality. If you come across something you feel violates this principle, please email me at [email protected] and I will do my best to update or remove it.
While I wrote the majority of content, I also use generative AI in the writing of the content. I use tools like Grammarly to help with grammar, spelling and clarity. I ask ChatGPT to review the work for suggestions on how to make it more clear. Sometimes I use ChatGPT to write sections based on my prompts. In the end, all of the works represent my ideas, but I happily use technology to make my writing easier to read and more efficient to produce.