https://www.policytopackets.com/tags/security_analyst/ Recent content in Security_Analyst on Policy to Packets Hugo -- gohugo.io en reedveggleston@gmail.com (Reed Eggleston) reedveggleston@gmail.com (Reed Eggleston) © 2026 Reed Eggleston Mon, 23 Feb 2026 15:48:00 +0000 https://www.policytopackets.com/writeups/letsdefend/challenges/disclose_the_agent/ Mon, 23 Feb 2026 15:48:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/disclose_the_agent/ Analyzing an SMTP PCAP to identify leaked credentials, decode Base64 authentication data, extract and reconstruct an email attachment from network traffic, and verify file integrity through hashing. https://www.policytopackets.com/writeups/letsdefend/challenges/investigate_web_attack/ Mon, 23 Feb 2026 12:14:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/investigate_web_attack/ Analyzing raw Apache access logs with Bash tools to identify reconnaissance with Nikto, forced browsing, successful login brute force activity, and command injection leading to account creation on the target system. https://www.policytopackets.com/writeups/letsdefend/challenges/http_basic_auth./ Mon, 23 Feb 2026 11:41:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/http_basic_auth./ Analyzing a PCAP file to identify HTTP GET requests, enumerate server and client details from HTTP headers, and decode Basic Authentication credentials using Wireshark and CyberChef. https://www.policytopackets.com/writeups/letsdefend/challenges/phishing_email/ Fri, 20 Feb 2026 17:45:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/phishing_email/ Analyzing a suspicious PayPal-themed email by reviewing headers, identifying a deceptive return path, extracting a URL hosted on a trusted platform, validating domain reputation, and confirming phishing activity leveraging living-off-trusted-sites techniques. https://www.policytopackets.com/writeups/letsdefend/challenges/shellshock_attack/ Sat, 14 Feb 2026 22:48:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/shellshock_attack/ Analyzing Shellshock attack activity in a PCAP file using Wireshark, identifying the target server details and the injected command. https://www.policytopackets.com/writeups/letsdefend/challenges/port_scan_activity/ Sat, 14 Feb 2026 22:10:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/port_scan_activity/ Analyzing port scan activity in a PCAP file using Wireshark, identifying the scanning host, discovered systems, and network indicators. https://www.policytopackets.com/writeups/letsdefend/challenges/mshtml/ Sat, 14 Feb 2026 21:07:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/mshtml/ Analyzing malicious Office documents exploiting MSHTML (CVE-2021-40444), using oletools to extract indicators, identify malicious domains and IPs, and investigate document-based exploitation. https://www.policytopackets.com/writeups/letsdefend/challenges/excel_4.0_macros/ Sat, 14 Feb 2026 00:39:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/excel_4.0_macros/ Analyzing a malicious Excel 4.0 (XLM) macro document using XLMMacroDeobfuscator and oletools to identify process execution, regsvr32 abuse, and DLL payload behavior. https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_doc/ Sat, 14 Feb 2026 00:15:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_doc/ Analyzing a malicious Word document using VirusTotal to identify RTF exploit behavior, CVE-2017-11882 abuse, payload delivery, and network communication. https://www.policytopackets.com/writeups/letsdefend/challenges/remote_working/ Fri, 13 Feb 2026 23:08:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/remote_working/ Analyzing a malicious XLS file using VirusTotal to identify detection signatures, dropped files, spyware download URLs, and file intelligence indicators. https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_vba/ Fri, 13 Feb 2026 16:41:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/malicious_vba/ Analyzing a malicious VBA macro document, decoding obfuscated hex strings, identifying payload delivery, and investigating HTTP communication and WMI execution techniques. https://www.policytopackets.com/writeups/letsdefend/challenges/learn_sigma/ Fri, 13 Feb 2026 14:08:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/learn_sigma/ Analyzing a Sigma rule for detecting bitsadmin.exe abuse, explaining rule structure, detection logic, and ransomware-related process_creation monitoring.