DRAFT: MBSE
Learn about Model-Based Systems Engineering (MBSE) and its applications in cybersecurity, including tools like Capella and DARC for system modeling and architecture development.
October 6, 2025
Posts by Kieran Jessup
Showing 21 posts
Secure by Design, Secure by Default
Explore the fundamental principles of secure by design and secure by default methodologies. Learn how to build security into systems from the ground up, implement defense in depth, and create inherently secure architectures that protect against modern cyber threats.
October 1, 2025
HTB: Holmes CTF 2025
Bit of fun in the Holmes CTF.
September 29, 2025
HTB - Previous
HTB Previous walkthrough: HackTheBox Medium Linux machine solution with locked content for security. Overview of machine details, difficulty level, and walkthrough structure for the Previous penetration testing challenge with restricted access.
August 30, 2025
HTB - BountyHunter
A comprehensive walkthrough of the HTB BountyHunter machine, demonstrating XXE vulnerability exploitation and web application security testing. This guide covers enumeration, exploitation, and privilege escalation techniques for cybersecurity professionals.
August 29, 2025
HTB - CodePartTwo
A comprehensive walkthrough of the HTB CodeTwo machine, covering enumeration, exploitation, and privilege escalation techniques. This guide provides step-by-step instructions for cybersecurity professionals and penetration testing enthusiasts.
August 29, 2025
The best 6 months of my career
Career highlights at CrowdStrike: My experience working in the Falcon Complete Team, interview process, onboarding, daily responsibilities, and career growth in cybersecurity SOC operations.
August 29, 2025
Alternate Data Streams
A comprehensive guide to NTFS Alternate Data Streams (ADS), covering exploitation techniques, detection methods, and blue team strategies. Learn how attackers hide malicious payloads and how defenders can identify and mitigate these stealthy techniques.
May 28, 2025
CVE-2025-29927
Analysis and details of CVE-2025-29927 vulnerability. This post covers the security implications, affected systems, and mitigation strategies for this cybersecurity vulnerability.
May 20, 2025
HoneySOC
A hands-on honeypot project combining web-exposed servers with CrowdStrike EDR for cybersecurity skill development. This project demonstrates deception techniques, threat detection, and SOC monitoring through practical honeypot implementation.
April 14, 2025
Practical ISM E01: Guidelines for system monitoring
Learn how to implement comprehensive logging and monitoring policies that meet Australian Government ISM requirements, including control implementation, log management, and security monitoring best practices.
February 1, 2025
ISM-1717 Implementation Guide: Security.txt File Requirements
ISM-1717 security.txt implementation guide: Complete requirements for hosting security contact files at /.well-known/security.txt. RFC 9116 compliance, web server configuration, and security policy implementation for organizations and cybersecurity compliance.
January 27, 2025
Cybersecurity Basics: A Beginner's Guide to Digital Security
An introductory guide to cybersecurity fundamentals, covering essential concepts like the CIA triad, common threats, and security best practices. This beginner-friendly resource provides a solid foundation for understanding digital security principles and protecting against cyber threats.
January 15, 2025
XXE Attacks: Understanding and Exploiting XML External Entity Vulnerabilities
XXE attacks guide: Learn XML External Entity vulnerabilities, exploitation techniques, file disclosure, SSRF, and mitigation strategies. Comprehensive coverage of XXE attack vectors, real-world examples, and security best practices for web application security.
January 15, 2025
Draft: Assessing systems against the ISM
Learn how to assess systems against the Australian Government Information Security Manual (ISM) controls, including methodology, tools, and best practices for compliance evaluation.
January 1, 2025
ISM-0657 Implementation Guide
ISM-0657 implementation guide: Manual data import scanning for malicious content control. Implementation guidance, requirements, and testing procedures for ISM cybersecurity controls and data security scanning for blue team security.
December 19, 2024
Windows Event ID 4624: Successful Logon Analysis
Windows Event ID 4624 guide: Complete analysis of successful logon events, logon types (interactive, network, RDP), security monitoring, and blue team detection techniques for Windows authentication events and security monitoring.
December 19, 2024
DRAFT: OSQuery
Learn about OSQuery, the open-source operating system instrumentation framework for monitoring and querying system information across multiple platforms.
December 1, 2024
System Alpha
System Alpha is a baseline reference system used across multiple blog posts and implementation guides to demonstrate ISM compliance, security configurations, and practical cybersecurity implementations.
November 1, 2024
TPM: Trusted Platform Module
Learn about Trusted Platform Module (TPM) technology, its role in hardware-based security, and how it enhances system protection through cryptographic functions and secure key storage.
August 19, 2024
How I Passed the OSCP with 110 Points
A personal journey through OSCP certification preparation, sharing the study methods, resources, and timeline that led to success. This guide covers PWK labs, Proving Grounds practice, HackTheBox machines, and the proven methodology that helped achieve 110 points in 7 months.
August 5, 2023