Academy Pro · 81 articles

Medium and Hard Academy modules — Pro tier required

Academy

Module 6 · Forensic Timeline Reconstruction with Plaso

Why this module exists. An investigation has a hundred sources: event logs from five hosts, bash history, filesystem mtimes, audit logs, EDR…

May 13, 2026 · 4 min read
Academy

Module 5 · Linux Forensics — Auditd, journalctl, Containers

Why this module exists. Linux IR responders often default to “tar up /var/log and call it done.” Modern Linux estates — especially…

May 13, 2026 · 4 min read
Academy

Module 3 · Memory Forensics with Volatility 3

Why this module exists. Half the modern malware ecosystem never writes a payload to disk — it lives in memory, injected into…

May 13, 2026 · 4 min read
Academy

Module 4 · Windows Event Log Forensics — The IR Reference

Why this module exists. The defender’s biggest leverage in any Windows IR is the event log. The attacker’s biggest leverage in the…

May 13, 2026 · 3 min read
Academy

Module 2 · Disk Imaging — Forensically Sound Acquisition

Why this module exists. “We made a copy of the disk” is not the same as “we forensically imaged the disk.” The…

May 13, 2026 · 4 min read
Academy

Sliver C2 Operator Guide — Implants, Transports, OPSEC, and the Detection Patterns Blue Teams Should Hunt

Sliver is the open-source post-Cobalt-Strike C2 framework — accessible to Indian red teams without licensing barriers, and the most-abused C2 after CS…

May 8, 2026 · 6 min read
Academy

Burp Suite Pro 2026 — Five Production Bambdas and Three Custom BChecks (Paste-Ready)

Burp Bambdas (per-request JavaScript) and BChecks (YAML scanner checks) are the highest-leverage features in Burp Pro 2026. Five paste-ready Bambdas (sensitive data,…

May 8, 2026 · 6 min read
Academy

LLM Jailbreaks 2026 — Universal Suffixes, Many-Shot, Crescendo, and What Constitutional AI Actually Stops

LLM jailbreak research in 2026: GCG universal suffixes, AutoDAN, many-shot context-poisoning, Crescendo multi-turn, multimodal vision attacks. Why alignment is structurally defence-in-depth, the…

May 8, 2026 · 1 min read
Academy

Security Audit Programme and Reporting

Three lines of defence, audit calendar, continuous control monitoring, working papers, common-control framework across ISO/SOC2/PCI/RBI/SEBI, audit-fatigue management.

Apr 26, 2026 · 4 min read
Academy

Secure Code Review at Scale

Per-PR vs feature-level vs deep-dive code reviews, OWASP Top 10 hunt patterns, Semgrep custom-rule programme, what humans find that tools miss, rollout…

Apr 26, 2026 · 5 min read