raghv.dev

BLOG

Field Notes

Technical writeups from the home lab — detection engineering, cert study notes, tool deep dives, and the non-traditional path into cybersecurity.

Get notified when new posts drop.

Stay in the loop
[INFO] Wazuh agent heartbeat · DC-01 · homecorp.local · OK·[WARN] Failed SSH auth attempt · 192.168.56.102 · Rule 5710 · Level 5·[INFO] Nmap scan completed · WEB01 · 23 open ports detected · Logged·[ALERT] Hydra brute-force detected · admin@192.168.56.101 · BLOCKED·[INFO] SPL query executed · index=security · 4,892 events returned·[INFO] ISC2 CC · PASSED · 2024 · Credential active·[INFO] CompTIA Security+ SY0-701 · PASSED · 2025 · Credential active·[WARN] Gobuster scan detected · /api/admin · 403 returned · Alert fired·[INFO] Wireshark PCAP capture · eth0 · 12,441 packets · Saved·[INFO] System status · LEARNING · BUILDING · AVAILABLE FOR SOC ROLES·[INFO] GPO applied · homecorp.local · Password policy · min 12 chars·[ALERT] Nikto scan from KALI01 · WEB01 · Wazuh alert · Severity: High·[INFO] Wazuh agent heartbeat · DC-01 · homecorp.local · OK·[WARN] Failed SSH auth attempt · 192.168.56.102 · Rule 5710 · Level 5·[INFO] Nmap scan completed · WEB01 · 23 open ports detected · Logged·[ALERT] Hydra brute-force detected · admin@192.168.56.101 · BLOCKED·[INFO] SPL query executed · index=security · 4,892 events returned·[INFO] ISC2 CC · PASSED · 2024 · Credential active·[INFO] CompTIA Security+ SY0-701 · PASSED · 2025 · Credential active·[WARN] Gobuster scan detected · /api/admin · 403 returned · Alert fired·[INFO] Wireshark PCAP capture · eth0 · 12,441 packets · Saved·[INFO] System status · LEARNING · BUILDING · AVAILABLE FOR SOC ROLES·[INFO] GPO applied · homecorp.local · Password policy · min 12 chars·[ALERT] Nikto scan from KALI01 · WEB01 · Wazuh alert · Severity: High·