Skip to content

Security Scriptographer — PowerShell & Threat Hunting

Through Security Scriptographer, I transform complex security concepts into practical scripts and tutorials. Proficient in PowerShell, Python and various security frameworks, I'm here to help others enhance their security toolkit. Simple code, serious security. 🛡️

  • Home
  • Start Here
  • About me

Sigma Rule for Registry Run-Key Persistence (ID 13)

June 03, 2026 0 Comments 10 min read

A Sigma rule for registry Run-key persistence catches the most-taught autostart technique on Windows: an attacker writing a value under ...

Read more →

Detection Engineering Persistence SIEM Sigma Sysmon Threat Hunting

Sigma Rule for Cleared Event Logs: Event 1102

June 01, 2026 0 Comments 10 min read

A Sigma rule for cleared event logs catches one of the noisiest things an attacker can do on the way out: wiping the Windows event log t...

Read more →

Defense Evasion Detection Engineering SIEM Sigma Threat Hunting Windows Security

Sigma Rule for Suspicious Service Installs: 7045

June 01, 2026 0 Comments 10 min read

A Sigma rule for Windows service installation catches a persistence and privilege-escalation pattern that has not gone out of style: an ...

Read more →

Detection Engineering Persistence SIEM Sigma Threat Hunting Windows Security
← Newer Posts Older Posts → Home

Search

most popular blogs

MITRE ATT&CK to SIEM Rules: A Practical Look at SIOR-Helper

Image
Read more

From Logs to Threats: SIEM Correlation Rules for Real Attacks

Image
Read more

Important References

  • MITRE ATT&CK
  • MITRE D3FEND
  • PowerShell Documentation

Categories

  • Active Directory
  • Automation
  • Defense Evasion
  • Detection Engineering
  • Forensics
  • KQL
  • Microsoft 365 Security
  • Microsoft Defender XDR
  • MITRE ATT&CK
  • MITRE D3FEND
  • Persistence
  • Phishing Simulation
  • PowerShell
  • Python
  • Security Monitoring
  • SIEM
  • Sigma
  • Sysadmin
  • Sysmon
  • Threat Hunting
  • Tutorials
  • Windows
  • Windows Security
  • YARA

Blog Archive

  • June 2026 (3)
  • May 2026 (8)
  • July 2025 (3)
  • January 2025 (7)
  • December 2024 (9)

Report Abuse

Navigation

  • Home
  • Start Here
  • About
  • Search
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Impressum

Categories

  • Security
  • Scripting
  • Tutorials

Guides

  • Start Here
  • MITRE ATT&CK Fundamentals
  • MITRE D3FEND Fundamentals

Copyright © Security Scriptographer — PowerShell & Threat Hunting

Design by Compete Themes | Blogger Theme by NewBloggerThemes.com