$ whoami

KR4KEN

I work in detection and threat hunting — writing the analytics and running the hunts that surface attacker activity in log and endpoint data. This site is where I keep my notes, projects, and writing.

About

stub

stub

Outside of that I build tooling and run a home lab I use for testing and research. This site collects the work and writing I think is worth sharing.

Detection
engineering & analytics
Threat
hunting & response
Research
reverse engineering

What I work on

Threat Hunting

Structured, hypothesis-driven hunts across endpoint and network data.

  • behavioral analysis
  • EDR / SIEM
  • ATT&CK mapping

Detection Engineering

Writing detections that are accurate and easy to act on, and keeping them tuned as environments change.

  • detection-as-code
  • sigma / queries
  • alert tuning

Security Research

Reverse engineering, malware analysis, and testing my defenses.

  • malware analysis
  • reverse engineering
  • adversary emulation

Tooling & Infra

Automation, a home lab.

  • automation
  • home lab
  • data pipelines

Recent posts