Writing about offensive security, red teaming, blue teaming, and my unfiltered takes on cybersecurity.
Hands-on guide to custom Wazuh rules & decoders using Bayu Sangkaya's open-source repository. From decoder syntax to wazuh-logtest.
Pipe Palo Alto, FortiGate, pfSense, and Trend Micro logs into Wazuh with decoders and correlation rules.
Replaced a 10B IDR/year commercial SIEM with a complete open-source SOC stack — inspired by Bayu Sangkaya case study.
Five government VAPT engagements — vulnerability patterns, SQLi to shell, and reporting to officials.
Pipeline: Dursgo crawls → Dalfox fuzzes → Nuclei scans. Custom templates, blind XSS, shell script.
Deploy Wazuh SIEM on Ubuntu from scratch with the official installer. Indexer, server, dashboard, agents. Under an hour.
Honest comparison of three EC-Council certifications based on firsthand experience and the Indonesian job market.
PDP Law enforcement, BSSN mandates, ransomware threats, and the 50K workforce gap in Indonesia.
Runtime and dynamic analysis techniques for extracting IOCs from live malware samples.