Citadel Cybersec

@citadelcysec

Cybersecurity Analyst | Security+ | SAL1 | BTL1 | SPLK-1001 | TryHackMe Top 1% | 💼 Available for Hire | https://linktr.ee/citadelcybersec

Joined 30.08.2025

Latest posts by Citadel Cybersec @citadelcysec

🔥 180-Day TryHackMe Streak! 🔥
Hands-on challenges every day for 180 days—leveling up SIEM, Threat Intel & Network Security.
My certs: Security+, BTL1, SAL1, Splunk.
From logs to networks, building applied skills that make entry-level Security Analysts day 1 ready.

#cybersecurity #Infosec

08.03.2026 10:58

Invite Only: A Threat Intelligence Investigation and Malware Analysis writeup A practical SOC analyst investigation of malicious hashes, phishing techniques, and malware delivery chains from the Invite Only TryHackMe…

New Cyber Threat Intelligence Write-Up 🔎

I investigated a suspicious artifact in a threat intel scenario — pivoting from IOCs to uncover malware behavior, infrastructure, and attacker activity.

#cybersecurity #threatintel #malwareanalysis #threathunting #socanalyst #infosec #dfir #blueteam

05.03.2026 11:50

How I Built a Splunk Homelab for Splunk Certified Core User (SPLK-1001) — Installation, SPL Queries… A step-by-step hands-on lab to practice Windows log ingestion, SPL commands, reporting and dashboard creation using Splunk Enterprise

🔧 Ready to build your own Splunk Homelab? I just posted a detailed guide on setting up a practice lab for the SPLK-1001 certification! SPL commands and dashboard practice with step-by-step instructions.

medium.com/@citadelcybe...

#Splunk #SPLK1001 #Cybersecurity #Infosec #SplunkCertified #Homelab

27.02.2026 10:37

Wireshark Traffic Analysis: A Comprehensive Guide A Complete Guide to Solving TryHackMe’s Wireshark Traffic Analysis Room: A Step-by-Step Walkthrough of All Tasks and Insights

💻 If you're looking to understand network traffic at a granular level, my latest guide has you covered! Solving TryHackMe's Wireshark Traffic Analysis room goes from packet inspection to detailed network behavior analysis.

#Wireshark #NetworkSecurity #CyberSecurity #TrafficAnalysis #PacketAnalysis

27.02.2026 10:29

"Amat Victoria Curam"
"Victory loves preparation"

Gaius Valerius Catullus

26.02.2026 11:35

Regular Expressions A TryHackMe Practical Exercise Writeup

Looking to level up your skills as a SOC Analyst or Blue Team Defender? Mastering regular expressions (regex) is a must! Check out my latest write-up solving TryHackMe's regex room.

👉 medium.com/@citadelcybe...

#CyberSecurity #Regex #IncidentResponse

23.02.2026 09:43

Inside a Volt Typhoon Attack A Complete TryHackMe Write-Up Demonstrating Real SOC Investigation Methodology

Think like a real SOC analyst.

I just published a detailed TryHackMe Volt Typhoon write-up breaking down a full APT investigation — from initial access to C2 and cleanup.

If you're preparing for blue team roles, this room is gold.

#TryHackMe #ThreatHunting #SOCAnalyst #BlueTeam #MITREATTACK

16.02.2026 16:48

Wireshark Traffic Analysis: Cleartext Credentials & Firewall Rules A TryHackMe Practical Exercise Writeup

Dive into practical insights with real traffic analysis! Learn how to spot cleartext credentials and craft better firewall rules using #Wireshark — perfect for threat hunters and SOC teams.

#CyberSecurity #NetworkSecurity #ThreatHunting #SOC

12.02.2026 10:54

TryHackMe ShadowTrace Walkthrough: Malware Analysis and IOC Extraction Complete writeup with binary analysis, alert decoding, and DFIR techniques

Just published a ShadowTrace walkthrough from TryHackMe, covering malware analysis, IOC extraction, and alert decoding.

#Cybersecurity #MalwareAnalysis #DFIR #TryHackMe #IncidentResponse

02.02.2026 16:44

"Know thy self, know thy enemy. A thousand battles, a thousand victories."
孫子

26.01.2026 20:15

How I Passed TryHackMe’s Security Analyst Level 1 (SAL1): A Practical Study Guide A breakdown of the SAL1 exam, its SOC scenarios, tools, and how to prepare effectively using TryHackMe

If you’re preparing for TryHackMe’s Security Analyst Level 1 (SAL1) — this practical study guide breaks down my preparation strategy, what to expect in the theory + hands-on parts, and how to approach real SOC tasks.

#CyberSec #TryHackMe #CareerTips #InfoSec

26.01.2026 15:41

Detecting Web Shells in WordPress Through Apache Log Analysis A TryHackMe writeup from the “Detecting Web Shells” room — Task 6: Investigation

Just published a new writeup on detecting web shells in a compromised WordPress environment using Apache access logs.

Based on the TryHackMe Detecting Web Shells room, this article focuses on practical log analysis and incident response techniques.

#Cybersecurity #BlueTeam #TryHackMe

21.01.2026 13:31

Wireshark Traffic Analysis: Encrypted Protocol Analysis: Decrypting HTTPS A TryHackMe Practical Exercise Writeup

New TryHackMe write-up
Encrypted Protocol Analysis: Decrypting HTTPS

• TLS Client Hello identification
• Decrypting HTTPS with Key Log Files
• HTTP/2 analysis in Wireshark
• Extracting hidden data from PCAPs

Read here:
medium.com/@citadelcybe...

#Cybersecurity #Wireshark #NetworkSecurity

14.01.2026 16:05

"Igitur quī dēsīderat pācem, præparet bellum"
Publius Flavius Vegetius Renatus

The conditions of peace are often preserved by a readiness to make war to defend said peace when the need arises.

14.01.2026 16:02

Sysmon Investigation Walkthrough, Using Event Viewer and PowerShell TryHackMe Sysmon Task 10: Practical Investigations Explained (With PowerShell)

In my new article I walk through TryHackMe’s Sysmon Room, Task 10 – Practical Investigations, showing how to analyze real attack scenarios using Sysmon logs, Event Viewer, and PowerShell

👉 Read it here: medium.com/@citadelcybe...

#TryHackMe #Sysmon #IncidentResponse #BlueTeam #IncidentResponse

07.01.2026 17:58

Wireshark Traffic Analysis: HTTP Cleartext Protocol Analysis A TryHackMe Practical Exercise Writeup

Ever wondered how to analyze HTTP traffic in Wireshark? Check out my latest TryHackMe writeup where I break down the steps and techniques for better network security insights!

medium.com/@citadelcybe...

#Cybersecurity #Wireshark #networksecurity

30.12.2025 18:22

My First Advent of Cyber: A Comprehensive Review As this was my first time participating in Advent of Cyber, I must say I’m quite impressed. While it is described as beginner-friendly, it…

I’ve just published a deep dive into my experience with Advent of Cyber 🖥️🎄. If you're passionate about cybersecurity or just looking to learn more about this awesome event, my comprehensive review breaks it all down.

#CyberSecurity #AdventOfCyber #TechCommunity #Infosec #TryHackMe

25.12.2025 12:20

Leveraging Splunk SIEM to Detect DoS Attacks TryHackMe Detecting Web DDoS Room, Task 5 Practical Exercise

How can Splunk SIEM be used to detect and analyze a DDoS attack? Check my writeup:

• Identifying malicious URIs
• Detecting botnet traffic
• Analyzing user agents
• Visualizing attack peaks with timechart

#Cybersecurity #Splunk #SIEM #DDoS #TryHackMe

24.12.2025 16:39

Wireshark Traffic Analysis: DNS and ICMP Traffic Tunneling & FTP Cleartext Protocol Analysis A TryHackMe Practical Exercise Writeup

New write-up: Detecting ICMP & DNS tunneling and analyzing FTP cleartext attacks using Wireshark.

Step-by-step investigation of real PCAPs, filters, and attacker behavior

#Cybersecurity #Wireshark #BlueTeam #NetworkSecurity #ThreatDetection

22.12.2025 17:36

"The more the storm, the more the strength."
Douglas Malloch

22.12.2025 17:26

Splunk Incident Response: Reconstructing an Attack Using Perimeter Logs TryHackMe — Network Security Essentials (Task 7 Practical Exercise)

Just published! A new Medium deep-dive on using Splunk and perimeter logs to reconstruct an attack from start to finish. If you want to strengthen your incident response skills, this breakdown has everything.

#CyberSecurity #Splunk #IncidentResponse #DFIR #NetworkSecurity

10.12.2025 17:00

Wireshark Traffic Analysis: Identifying Hosts: DHCP, NetBIOS and Kerberos A TryHackMe Practical Exercise Writeup

Just published a new Medium article on Wireshark Traffic Analysis!

Struggling to identify hosts or decode network behavior? I break down DHCP, NetBIOS, and Kerberos traffic with clear examples to level up your packet analysis skills. 👇

#Wireshark #CyberSecurity #NetworkSecurity

10.12.2025 16:57

Wireshark Traffic Analysis: ARP Poisoning & Man In The Middle A TryHackMe Practical Exercise Writeup

New TryHackMe write-up!

Wireshark Traffic Analysis: ARP Poisoning and MITM.

If you're into network forensics or enjoy dissecting hostile traffic, you’ll appreciate this one.

#Wireshark #ARP #MITM

04.12.2025 11:38

Searching, Filtering, and Correlation: Threat Hunting with Brim TryHackMe Brim Room Write-up

Check out my latest article on using Brim for threat hunting! From investigating CobaltStrike to detecting crypto mining—learn how to efficiently analyze network traffic and respond to real-world threats.

#Cybersecurity #ThreatHunting #Brim

04.12.2025 11:14

Cloud-based Threat Detection with Splunk Solving Rotten Cloud Investigation — Blue Team Labs Online (Halloween 2025 Special Event)

I have recently published my latest writeup:
"Cloud-based Threat Detection with Splunk"

Check how I solved Rotten Cloud Investigation in Blue Team Labs Online (Halloween 2025 Special Event) 👇

#BTLO #Splunk #ThreatDetection

27.11.2025 11:54

Wireshark Traffic Analysis: Nmap Scans Investigating a .pcap file to analyze a suspected Nmap scan using Wireshark. A practical TryHackMe exercise.

In my new article I break down how to analyze Nmap scans using Wireshark, with clear examples and packet insights.
Check it out 👉 medium.com/@citadelcybe...

#Cybersecurity #NetworkAnalysis #Wireshark

24.11.2025 15:33

A good refresher of what I learnt in CompTIA Security+ concerning Web Application Security, and including some cool practical exercises.

#TryHackMe #OWASP #cybersecurity

24.11.2025 15:10

Exposing a Vast Phishing Campaign by Probing Malicious Emails and URLs TryHackMe Snapped Phish-ing Line Room Write-Up

Investigating a vast, malicious email & URL phishing campaign! This is how attackers are targeting individuals & organizations.

Learn the techniques they use to bypass security measures 👇
#Phishing #DFIR #Cybersecurity

21.11.2025 12:01

Elastic Stack (ELK) for SOC Log Investigations TryHackMe Elastic Stack: The Basics, Tasks 4 and 5 Writeup

How can the Elastic Stack (ELK) supercharge your SOC log investigations?
Check my detailed THM writeup on using #ElasticSearch for SIEM analysis & incident response!

#Cybersecurity #SOC #ElasticStack

17.11.2025 18:09

Competent with #Wireshark & Packet Analysis
#tryhackme

17.11.2025 18:02