A personal blog that publishes content and stories related to offensive security, penetration testing, and red teaming.
Hands-on guide to custom Wazuh rules & decoders using Bayu Sangkaya's open-source repository. From decoder syntax to wazuh-logtest.
Replaced a 10B IDR/year commercial SIEM with a complete open-source SOC stack — inspired by the Bayu Sangkaya case study.
Pipeline: Dursgo crawls → Dalfox fuzzes → Nuclei scans. Custom templates, blind XSS, shell script.
Runtime and dynamic analysis techniques for extracting IOCs from live malware samples.
Pipe Palo Alto, FortiGate, pfSense, and Trend Micro logs into Wazuh with decoders and correlation rules.
Deploy Wazuh SIEM on Ubuntu from scratch with the official installer. Indexer, server, dashboard, agents. Under an hour.
Five government VAPT engagements — vulnerability patterns, SQLi to shell, and reporting to officials.
Honest comparison of three EC-Council certifications based on firsthand experience and the Indonesian job market.
PDP Law enforcement, BSSN mandates, ransomware threats, and the 50K workforce gap in Indonesia.