🛡️ Blue Team Handbook
Welcome.
If you’re trying to learn Blue Teaming, SOC operations, digital forensics, or threat detection, you’ve probably noticed something pretty quickly — the information is everywhere.
A bit in courses.
A bit in documentation.
Some in blogs, labs, and random notes you saved months ago.
At some point I realized I needed one place to connect all of it together.
So I started building this handbook.
This site is a living collection of notes, tools, investigations, and concepts I’m learning while exploring the world of defensive cybersecurity.
It’s not meant to be perfect documentation. Instead, it’s more like a structured notebook from someone actively learning how defenders think, investigate alerts, and respond to incidents.
Along the way I document things like:
- SOC tools and detection platforms
- Digital Forensics & Incident Response (DFIR)
- Network traffic analysis
- Malware behaviour and investigation
- Security frameworks and detection strategies
If you’re also learning about SOC operations, threat detection, incident response, or are simply curious about the world of Blue Teaming, there’s a good chance many of these notes will feel familiar.
And hopefully, useful.
📚 Start exploring using the sidebar or search.
New notes get added regularly as I continue learning and digging deeper into defensive security.