GitHub - shoganaich/blue-journal: My personal journal of CTF writeups, threat hunting investigations, and KQL experiments. Raw logs, step-by-step notes, and lessons learned from hands-on blue team and incident response challenges.

Threat hunt investigations, raw logs, lessons, and a few dead ends along the way.

📚 What’s Inside

Writeups: Step-by-step investigations, findings, and walkthroughs for each public CTF or incident I participate in.
KQL Logs: Raw query experiments, pivots, and iterations—so you see what worked and what didn’t.
Templates: My personal templates for keeping writeups and notes consistent (and hopefully useful).
- See _templates/CTF-writeup-template.md

To document the real process—failed hunts, “aha!” moments, and learning pivots.
To help fellow learners (and my future self) find practical blue team references.
To make investigations more repeatable (and less mysterious).

🏴‍☠️ CTF/Lab	📝 Description	📄 Writeup	📊 KQL Logs	🗒️ Notes (PDF)
Deep Access: The Adversary	Multi-host CTF; persistence, lateral movement	Coming soon	Sorry I lost it	Deep Access The Adversary.pdf
The Great Admin Heist	Malware dropper, LOLBin, persistence hunt	Coming soon	KQL Logs	The Great Admin Heist.pdf
More coming soon...

Victor Cardoso (aka Shoganaich)
Cybersecurity student & intern • Learning by doing
GitHub | LinkedIn | Blog

This repo and all its contents are released under the MIT License — feel free to learn, fork, and remix (at your own risk!).

🦖 Don’t ask.

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
CyberRange		CyberRange
_templates		_templates
LICENSE		LICENSE
README.md		README.md
kql-playbook.md		kql-playbook.md