Syed Khalid Tipu Razvi

https://sktr13055.github.io/Syed Khalid Tipu RazviA minimal, responsive and feature-rich Jekyll theme for technical writing. 2026-04-30T19:41:58+05:30 Syed Khalid Tipu Razvi https://sktr13055.github.io/ Jekyll © 2026 Syed Khalid Tipu Razvi /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png Phishing Email Analysis Made Simple: A Practical Guide for Everyone2026-04-30T13:20:00+05:30 2026-04-30T19:41:38+05:30 https://sktr13055.github.io/posts/Phishing-Email-Analysis-Made-Simple/ Syed Khalid Tipu Razvi

Phishing Email Analysis Made Simple: A Practical Guide for Everyone In today’s digital world, email plays a crucial role in almost every field—education, business, and personal communication. However, one of the biggest risks we face is failing to verify who actually sent an email. This lack of attention is exactly what attackers exploit through phishing. Phishing emails are designed to trick...

⭐ SOC274 - Palo Alto Networks PAN-OS Command Injection Vulnerability Exploitation (CVE-2024-3400)2026-04-18T13:20:00+05:30 2026-04-18T13:20:00+05:30 https://sktr13055.github.io/posts/Lets-Defend-SOC-Event-ID249-Writeup/ Syed Khalid Tipu Razvi

Incident ID: SOC274 Event ID: 249 Date: April 18, 2024 Severity: Critical (CVSS 10.0) Focus: OS Command Injection / Zero-Day Exploitation 1. Initial Triage & External Investigation Playbook Question Answer Evidence / Reasoning Is the traffic coming from outside? YES Source IP 144.172.79.92 is public. Owners...

Lets Defend - SOC Event ID 2382026-04-13T13:20:00+05:30 2026-04-14T14:09:58+05:30 https://sktr13055.github.io/posts/Lets-Defend-SOC-Event-ID238-Writeup/ Syed Khalid Tipu Razvi

SOC153 -Suspicious Powershell Script Executed -Malware Security Incident Report – Suspicious PowerShell Execution (SOC153) 1. Executive Summary On March 14, 2024, at 05:23 PM, a security alert (SOC153 – Suspicious PowerShell Script Executed) was triggered on host Tony. The alert indicates execution of a potentially malicious PowerShell script (payload_1.ps1) from a user download director...

Lets Defend - SOC Event ID 932026-04-07T13:20:00+05:30 2026-04-07T13:20:00+05:30 https://sktr13055.github.io/posts/Lets-Defend-SOC-Event-ID93-Writeup/ Syed Khalid Tipu Razvi

SOC146 - Phishing Mail Detected - Excel 4.0 Macros ( This alert was generated from a real phishing attack.) Security Incident Report Phishing Email with Malicious Excel 4.0 Macros 1. Incident Summary An alert was triggered for a suspected phishing email containing a malicious attachment using Excel 4.0 macros. These types of macros are commonly abused by attackers to execute malware on ...

Lets Defend - SOC Event ID 2342026-04-01T13:20:00+05:30 2026-04-09T21:29:28+05:30 https://sktr13055.github.io/posts/Lets-Defend-SOC-Event-ID234-Writeup/ Syed Khalid Tipu Razvi

🚨 SOC Incident Report – Brute Force Attack (Event ID 234) ⚡ Hands-on SOC investigation involving brute force detection, threat intelligence correlation, and MITRE ATT&CK mapping. Note: Some techniques may overlap across tactics depending on attacker intent and environment context. Why This Lab Matters This lab demonstrates how weak credentials and exposed RDP services can lead t...