$ cat blog/*.md | sort --by-date

Security Blog

Writeups, research, and notes on web pentesting, bug bounty hunting, and offensive security.

blog/building-nightowl-ir-triage-toolkit.md blog
$ May 18, 2026

Building NightOwl-IR: A Zero-Dependency Windows Triage Toolkit

Real incident response rarely happens on a host with your tools pre-installed. Here's why I built NightOwl-IR to run on stock PowerShell, what it collects in the first 15 minutes, and how mapping findings to MITRE ATT&CK speeds up triage.

blog/owasp-top-10-web-pentesting-guide.md blog
$ Mar 10, 2025

OWASP Top 10 in Practice: A Pentester's Field Guide

A practical breakdown of the OWASP Top 10 from a pentester's perspective — not just theory, but the exact techniques and tools I use to find these vulnerabilities on real engagements.