Tristan Dostaler

I was recently working on a Lockbit ransomware incident and I was able to recover the data from encrypted VMDK and VHDX files.

In this post, I explain different strategies that can be use to secure WordPress. I cover the basics, the plugins and more.

This post is a follow up of the post “SIEM 102 — Detect Windows bruteforce” where I explained how to create a detection Use Case to detect a Windows bruteforce.
In this post I will explain how we can enhance the original detection logic by having a lower False Positive rate.

I recently switched to Humio and transferred all the logs and automations I have. In this post I explain why I did this transfer.

It’s hard to decide where to put the efforts to secure this environment. The 18 CIS Controls can help us prioritize our efforts.

In this post I explain what is the story around the Log4j vulnerability, named Log4Shell, and why it’s on the news.

I have been asked for a reading list of cybersecurity books. I decided to document this list here so it can be used by a broader public.

If you didn't read it, I wrote a "part 1" which addresses easier challenges: https://www.tristandostaler.com/northsec-ctf-write-up-part-1/This post will be the part 2 of my write ups. Hymn This challenge was interesting for me because of my bias towards challenges of...

A first write-up for some NorthSec CTF’s challenges

In this article I explain why MEGA is my favorite cloud storage provider. The main feature I like: they encrypt everything with your password!