# DaeIsBae

## Docs

- [Automated EC2 Isolation on GuardDuty and Security Hub Findings](https://blog.daehyung.dev/aws-security-theory/ec2-isolation-auto-response.md): Threat findings to EventBridge and automatically quarantine compromised EC2 instances
- [Port Scan leads to Automated IP Ban System](https://blog.daehyung.dev/aws-security-theory/nmap-auto-ban.md): Automated detection and IP banning via VPC Flow Logs -> GuardDuty -> EventBridge -> Lambda -> Network Firewall
- [IAM Privilege Escalation & Hardening](https://blog.daehyung.dev/aws-security/IAM-Privilege-Escalation.md): Analyzing common IAM misconfigurations and detection mechanisms.
- [HackTheBox Active](https://blog.daehyung.dev/hackthebox-active-directory/hackthebox-active.md): Active Directory machine walkthrough from enumeration to domain admin.
- [HackTheBox Forest](https://blog.daehyung.dev/hackthebox-active-directory/hackthebox-forest.md): Active Directory machine walkthrough from initial access to domain compromise.
- [HackTheBox Bashed](https://blog.daehyung.dev/hackthebox-linux/hackthebox-bashed.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox FriendZone](https://blog.daehyung.dev/hackthebox-linux/hackthebox-friendzone.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Horizontall](https://blog.daehyung.dev/hackthebox-linux/hackthebox-horizontall.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Jarvis](https://blog.daehyung.dev/hackthebox-linux/hackthebox-jarvis.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Lame](https://blog.daehyung.dev/hackthebox-linux/hackthebox-lame.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Meta](https://blog.daehyung.dev/hackthebox-linux/hackthebox-meta.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Nibbles](https://blog.daehyung.dev/hackthebox-linux/hackthebox-nibbles.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox OpenAdmin](https://blog.daehyung.dev/hackthebox-linux/hackthebox-openadmin.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Pandora](https://blog.daehyung.dev/hackthebox-linux/hackthebox-pandora.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Paper](https://blog.daehyung.dev/hackthebox-linux/hackthebox-paper.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Poison](https://blog.daehyung.dev/hackthebox-linux/hackthebox-poison.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Previse](https://blog.daehyung.dev/hackthebox-linux/hackthebox-previse.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Ready](https://blog.daehyung.dev/hackthebox-linux/hackthebox-ready.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Sense](https://blog.daehyung.dev/hackthebox-linux/hackthebox-sense.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Shibboleth](https://blog.daehyung.dev/hackthebox-linux/hackthebox-shibboleth.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Shocker](https://blog.daehyung.dev/hackthebox-linux/hackthebox-shocker.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Writer](https://blog.daehyung.dev/hackthebox-linux/hackthebox-writer.md): Linux machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Arctic](https://blog.daehyung.dev/hackthebox-windows/hackthebox-arctic.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Bastion](https://blog.daehyung.dev/hackthebox-windows/hackthebox-bastion.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Devel](https://blog.daehyung.dev/hackthebox-windows/hackthebox-devel.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Grandpa](https://blog.daehyung.dev/hackthebox-windows/hackthebox-grandpa.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Granny](https://blog.daehyung.dev/hackthebox-windows/hackthebox-granny.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Jerry](https://blog.daehyung.dev/hackthebox-windows/hackthebox-jerry.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Legacy](https://blog.daehyung.dev/hackthebox-windows/hackthebox-legacy.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Love](https://blog.daehyung.dev/hackthebox-windows/hackthebox-love.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Optimum](https://blog.daehyung.dev/hackthebox-windows/hackthebox-optimum.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Remote](https://blog.daehyung.dev/hackthebox-windows/hackthebox-remote.md): Windows machine walkthrough from enumeration to privilege escalation.
- [HackTheBox Silo](https://blog.daehyung.dev/hackthebox-windows/hackthebox-silo.md): Windows machine walkthrough from enumeration to privilege escalation.
- [Home](https://blog.daehyung.dev/index.md): Technical logs and security engineering principles.
- [flaw.cloud CloudTrail Log Analysis with Microsoft Sentinel](https://blog.daehyung.dev/security-operations/flaw.cloud-cloudtrail-sentinel.md): Investigating public AWS CloudTrail logs from flaw.cloud into Microsoft Sentinel
- [Phishing Detection with Sentinel](https://blog.daehyung.dev/security-operations/phishing-detection-sentinel.md): Phishing detection using KQL syntax

## OpenAPI Specs

- [openapi](https://blog.daehyung.dev/api-reference/openapi.json)