the dogesec blog
much post. so knowledge. many intel. very subscribe. wow.
-
Graphing Credit Card Data Leaks Using STIX 2.1 Objects
analyst August 18, 2025
Turn card numbers into STIX 2.1 objects. Enrich the data with issuer information. Track transactions made by the card. Then link the cards and transactions to other STIX objects in your research (Actors, Incidents, etc.). -
Graphing the Ransomware Payment Ecosystem using STIX Objects
analyst July 14, 2025
I recently conducted a project to identify the most prolific ransomware based on the ransom payments being made. Let me walk you through how I did it. -
Turn any Blog Post into Structured Threat Intelligence
products analyst June 16, 2025
Obstracts is the blog feed reader used by the worlds most targetted cyber-security teams. Let me show you why. -
Full Text, Full Archive RSS Feeds for any Blog
RSS and ATOM feeds are problematic (for our use-cases) for two reasons; 1) lack of history, 2) contain limited post content. We built some open-source software to fix that. -
Using Sigma Rules inside Attack Flows as a Structured Way to Describe an Incident
tutorial developers analyst April 14, 2025
Many attacks are described using free text. This happens, then this, then this. Whereas detection rules provide a structured way to represent these descriptions with actionable content. Attack Flows are the perfect vehicle to combine the two approaches. -
Beyond the ATT&CK Matrix: How to Build Dynamic Attack Flows with STIX
tutorial developers analyst March 17, 2025
MITRE ATT&CK techniques are useful, but they don’t capture the sequence of an attack. Enter Attack Flows. -
Getting Started with the MITRE ATT&CK Navigator
analyst tutorial January 15, 2024
The MITRE ATT&CK Navigator is a very useful tool to explore the MITRE ATT&CK (and other similar frameworks). In this post I take a look what you can do with Navigator and how it works under the hood so that you can use it to model your own ATT&CK-like frameworks.