Skip to content

Security Scriptographer — PowerShell & Threat Hunting

Through Security Scriptographer, I transform complex security concepts into practical scripts and tutorials. Proficient in PowerShell, Python and various security frameworks, I'm here to help others enhance their security toolkit. Simple code, serious security. 🛡️

  • Home
  • Start Here
  • About me

Windows Security: Detecting malicious scheduled tasks

January 04, 2025 0 Comments 10 min read
Windows Security: Detecting malicious scheduled tasks

Detecting malicious scheduled tasks on Windows is mostly about knowing what "normal" looks like in your environment and recogn...

Read more →

PowerShell Security Monitoring Threat Hunting Windows

Windows Security: Best practices for securing Windows services

January 04, 2025 0 Comments 10 min read
Windows Security: Best practices for securing Windows services

Securing Windows services is one of those topics where everyone agrees on the goal and almost nobody implements the same set of con...

Read more →

Active Directory PowerShell Sysadmin Windows

Windows Security: Registry Forensics - Where Attackers Hide

January 03, 2025 0 Comments 10 min read
Windows Security: Registry Forensics - Where Attackers Hide

Windows registry forensics is one of the highest-yield areas of endpoint investigation, and the reason is structural: the registry ...

Read more →

Forensics Threat Hunting Windows

Essential Windows Event IDs for Security Monitoring

January 03, 2025 0 Comments 10 min read
Essential Windows Event IDs for Security Monitoring

Every defender eventually needs a working knowledge of Windows Event IDs for security monitoring . There are thousands of them, but ...

Read more →

Security Monitoring Threat Hunting Windows

Building a Python Port Scanner for Authorised Scanning

January 02, 2025 0 Comments 10 min read
Building a Python Port Scanner for Authorised Scanning

Building a Python port scanner is a useful exercise for any defender who wants to understand what attackers' first reconnaiss...

Read more →

Automation Python Tutorials
← Newer Posts Home
Subscribe to: Posts (Atom)

Search

most popular blogs

From Logs to Threats: SIEM Correlation Rules for Real Attacks

Image
Read more

PowerShell Script Block Logging with Event ID 4104

Image
Read more

Important References

  • MITRE ATT&CK
  • MITRE D3FEND
  • PowerShell Documentation

Categories

  • Active Directory
  • ASR Rules
  • Authentication
  • Automation
  • BitLocker
  • Conditional Access
  • Defense Evasion
  • Detection Engineering
  • Device Compliance
  • Disk Encryption
  • Endpoint Security
  • Entra ID
  • EVTX
  • FIDO2
  • Forensics
  • Hybrid Identity
  • Identity Security
  • Incident Response
  • Intune
  • IOC
  • KQL
  • MFA
  • Microsoft 365 Security
  • Microsoft Defender for Endpoint
  • Microsoft Defender XDR
  • Microsoft Graph
  • Microsoft Intune
  • Microsoft Sentinel
  • Migration
  • MITRE ATT&CK
  • MITRE D3FEND
  • Passwordless
  • Persistence
  • Phishing Simulation
  • PowerShell
  • Privileged Identity Management
  • Project Online
  • Python
  • Scripting
  • Security Baselines
  • Security Monitoring
  • SharePoint
  • SIEM
  • Sigma
  • Sysadmin
  • Sysmon
  • Threat Hunting
  • Tutorials
  • Windows
  • Windows LAPS
  • Windows Security
  • YARA

Blog Archive

  • July 2026 (4)
  • June 2026 (21)
  • May 2026 (8)
  • July 2025 (3)
  • January 2025 (5)

Report Abuse

Navigation

  • Home
  • Start Here
  • About
  • Search
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Impressum
  • Manage privacy settings

Categories

  • Security
  • Scripting
  • Tutorials

Guides

  • Start Here
  • MITRE ATT&CK Fundamentals
  • MITRE D3FEND Fundamentals

Copyright © Security Scriptographer — PowerShell & Threat Hunting

Design by Compete Themes | Blogger Theme by NewBloggerThemes.com