SOC Writeups
2026
- SOC326 Case Study: Impersonating Domain MX Record Change Leading to Active Phishing Campaign Feb 5
- SOC153 Case Study: Malicious PowerShell Execution Leading to Active Malware Infection Feb 3
- SOC127 Case Study: Successful SQL Injection Attack via Automated Tooling Jan 29
- LetsDefend SOC138 – Suspicious XLS Malware Analysis Jan 16
- Inside a Blue Team SOC Home Lab: Wazuh, pfSense, Snort, Suricata, and Zeek in Action Jan 15
- GothamLegend Incident Response – PowerShell Malware Analysis Jan 15
- LetsDefend HTTP Basic Authentication Analysis – PCAP Investigation Jan 14
- LetsDefend SOC168 – Command Injection (whoami) Web Attack Analysis Jan 13
- LetsDefend SOC170 – Local File Inclusion (LFI) Attempt Analysis Jan 12
- LetsDefend SOC335 – CVE-2024-49138 Privilege Escalation Exploitation Analysis Jan 11