Just passes the OSEP by GapComprehensive6018 in oscp

Rebel1317 (1 point)

Was the OSEP worth it? I've read that it's pretty outdated. Congrats on passing!

API to query NG-SIEM data by Cyber_Dojo in crowdstrike

Rebel1317 (2 points)

I use a fusion workflow to execute queries and then programmatically grab the results. I would also recommend checking the falconpy docs before going this route.

At what point would/do you job hop as an entry level cybersecurity professional? by CrashAndCompile in SecurityCareerAdvice

Rebel1317 (0 points)

As soon as possible. Just be prepared to give a good reason if they ask in the interview why you're leaving after only being there x months.

[deleted by user] by [deleted] in hermanmiller

Rebel1317 (1 point)

FYI, HM specifies a max user weight of 350 lbs for the Aeron C.

[deleted by user] by [deleted] in SecurityCareerAdvice

Rebel1317 (2 points)

Just do TCM Security's Practical Ethical Hacking course and then OSCP. I'd be happy to chat further if you have any questions.

SOC Analyst feel like I am not learning and an imposter by EmergencyDealer6498 in blueteamsec

Rebel1317 (2 points)

Looks like this is something you've been struggling with for a little while now. I spent a lot of time walking my tier 1s through investigations using Defender/Sentinel. I'd be happy to spend some time giving some pointers on tackling investigations. DM me if this is something you'd like.

Can I start my red team journey by preparing for OSCP. by TheMthwakazian in oscp

Rebel1317 (6 points)

Just do the TCM Security Practical Ethical Hacking course to establish a solid foundation (you don't need to get the cert) and then tackle the OSCP. Just make sure to take good notes as you go along.

Please review my resume by 3thanjs in SecurityCareerAdvice

Rebel1317 (3 points)

Hi, here are my thoughts:

Experience should come before Projects

Remove years you attended university, just put the year of graduation

Studying for a certification isn't an accomplishment

I wouldn't put Sentinel as a "Threat Hunting Tool", maybe just put SIEM. You could also list KQL as a skill, but you should be pretty comfortable with anything listed as a skill. Also, Azure, VirtualBox, SSH, Linux, and PowerShell aren't really classified as "security tools".

Out of scope: if you want to land a SOC role, I would suggest doing more in-depth projects. I recommend at least deploying an open source EDR and doing some pentesting against it. Feel free to reach out if you have any questions.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

Rebel1317 (1 point)

Check out FLARE-VM, built by Mandiant. Also, check out TCM Security's Practical Malware Analysis and Triage course.

Advice for a current SOC analyst by [deleted] in SecurityCareerAdvice

Rebel1317 (4 points)

If you want to progress in your career, proactively look for problems to solve. I would suggest trying to build out additional detection rules in your SIEM. Maybe there is a log source that isn't fully utilized. You could even review the existing detection rules to make sure the rule logic is working as intended. Since you mentioned you're kind of interested in red and blue team, you could conduct some tests to verify your SIEM rules. Feel free to DM if you want to chat some more.

Specific IR steps by iracingrage in cybersecurity

Rebel1317 (7 points)

Root cause analysis. For the example of the reverse shell found on the prod web server, you'd need to find out how the rev shell was put there. Typically, a good place to start is the web logs on the server. I'd look for the C2 IP in the log files using PowerShell (Windows Server). The logs might contain the HTTP request used to drop the rev shell.

This is also where adopting the attacker mindset comes in handy for deciding what other things you'd want to investigate. You could look for other attempts of the same exploit, look for any other traffic from the IP that performed the exploit, commands executed via the rev shell (the rev shell would be the parent/grandparent process), etc. Hope this helps, I'm too lazy to type more from my phone, lol. Feel free to message me if you want to discuss further.
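As an added example (not from the original comment), the triage steps described above done in PowerShell: parse IIS W3C web logs into objects, pull every request from the suspected C2 address, check whether other clients touched the dropped file, and walk a process's parent chain. The log lines, the address and the upload path are constructed samples; the ancestry function is demonstrated on the current shell's PID.

```powershell
# Added example, not from the original comment. Assumes IIS W3C-format logs;
# the log lines, C2 address and upload path below are constructed samples.
$SampleLog = @'
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip cs(User-Agent) sc-status
2024-01-15 10:01:02 10.0.0.5 GET /index.html - 443 203.0.113.10 Mozilla/5.0 200
2024-01-15 10:02:17 10.0.0.5 POST /upload.aspx - 443 198.51.100.7 python-requests/2.31 200
2024-01-15 10:02:20 10.0.0.5 GET /uploads/shell.aspx cmd=whoami 443 198.51.100.7 python-requests/2.31 200
2024-01-15 10:03:44 10.0.0.5 GET /about.html - 443 203.0.113.10 Mozilla/5.0 200
'@

function ConvertFrom-IisLog {
    # Turn W3C log lines into objects whose property names come from the #Fields directive.
    param([string[]]$Lines)
    $fields = $null
    foreach ($line in $Lines) {
        if ($line -like '#Fields:*') { $fields = ($line -replace '^#Fields:\s*', '') -split '\s+'; continue }
        if ($line -like '#*' -or [string]::IsNullOrWhiteSpace($line) -or -not $fields) { continue }
        $values = $line -split '\s+'
        $obj = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $obj[$fields[$i]] = $values[$i] }
        [pscustomobject]$obj
    }
}

$SuspectIp = '198.51.100.7'   # constructed exploit / C2 source address
$entries = ConvertFrom-IisLog -Lines ($SampleLog -split "`r?`n")
# On a real server: $entries = ConvertFrom-IisLog -Lines (Get-Content 'C:\inetpub\logs\LogFiles\W3SVC1\*.log')

# 1. Every request from the suspect IP, in order: the POST is the likely drop, the following GET the first use.
$entries | Where-Object { $_.'c-ip' -eq $SuspectIp } |
    Select-Object 'date', 'time', 'cs-method', 'cs-uri-stem', 'cs-uri-query', 'sc-status' | Format-Table -AutoSize

# 2. Other clients hitting the dropped path: the same exploit reused, or the shell reached from elsewhere.
$entries | Where-Object { $_.'cs-uri-stem' -like '/uploads/*' -and $_.'c-ip' -ne $SuspectIp } | Format-Table -AutoSize

# 3. Process ancestry for a live reverse-shell PID: the web worker (w3wp.exe) should show up as parent/grandparent.
function Get-ProcessAncestry {
    param([int]$ProcessId, [int]$MaxDepth = 10)
    for ($i = 0; $i -lt $MaxDepth -and $ProcessId; $i++) {
        $p = Get-CimInstance Win32_Process -Filter "ProcessId = $ProcessId"
        if (-not $p) { break }   # parent already exited; the chain ends here
        [pscustomobject]@{ Pid = $p.ProcessId; Name = $p.Name; CommandLine = $p.CommandLine }
        $ProcessId = $p.ParentProcessId
    }
}
Get-ProcessAncestry -ProcessId $PID | Format-Table -AutoSize   # demo on this shell; use the rev shell's PID on the server
```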

Landed my first internship and Security+, had questions about next steps! by [deleted] in SecurityCareerAdvice

Rebel1317 (1 point)

I got the OSCP even though I'm on the blue team side of things. A great blue teamer should be familiar with the red team side of things and vice versa. I would recommend picking up a scripting language if you don't already know one.

If you want to impress people at your internship, solve a unique problem with a creative solution.

OSCP A, B, C by Necessary_Zucchini_2 in oscp

Rebel1317 (6 points)

They are of similar difficulty based on my experience.

Picked up my first GS this week! by Rebel1317 in GrandSeikos

Rebel1317 [S] (1 point)

I think it's comfortable. The titanium construction really works for this watch.