
Security Blog

Case studies, technical writeups, and security research findings

Featured

Critical Incident Response: WordPress Compromise & Recovery

A detailed case study of identifying, containing, and recovering from an active website compromise in under 3 hours.

Nov 15, 2024 | 8 min read | Incident Response

Honeypot Detection: Suspicious TLS Reconnaissance on 64297/TCP

Suricata flagged a full TLS handshake on a non-standard high port from M247 (AS9009) — likely targeted recon, C2 discovery, or honeypot fingerprinting.

Sep 20, 2025 | 6 min read | Network Recon

Honeypot Detection: Sophisticated VoIP Toll Fraud Campaign

SentryPeer captured SIP INVITE floods from GoDaddy (AS398101) with Cisco-SIPGateway spoofing and sequential premium-rate targets — classic revenue-share fraud.

Sep 22, 2025 | 7 min read | VoIP Security

Honeypot Detection: Commercial Threat Intel Mapping (ONYPHE)

Clean TCP handshake → banner grab → immediate RST on 9770/TCP from ONYPHE (AS213412): how commercial scanners catalog your services — and how to respond.

Sep 24, 2025 | 6 min read | Threat Intelligence