Welcome to NobisD, a little blog where you can share technical ideas and resources about cybersecurity. There’s no strict editorial line here, just the desire to offer technical, concrete articles, with no bullshit. We’ll be covering topics related to labs, infrastructure, Active Directory, both offensive and defensive, always with a view to learning and progressing. Feel free to use the RSS feed if, like me, you use it for monitoring ;) The rest is coming soon. NobisD
Preamble
Latest posts
Using cybersecurity graphs for DFIR, detection and threat hunting
Why modeling logs, attack paths and investigation pivots as graphs can help defenders in DFIR, detection and threat hunting.
18/05/2026
Forensics at Scale: Using Dissect and ELK for Efficient Investigations
How to use Dissect and ELK to conduct large-scale forensic operations across multiple evidence files
06/04/2026
Active Directory DFIR investigation: analyzing a PCAP with Zeek, SMB, RDP and DPAPI
Full network investigation in an Active Directory environment. Detecting initial access, lateral movement, and more.
27/02/2026
Network DFIR with Zeek and JupyterLab: preparing an Active Directory PCAP analysis
Introduction to network DFIR using Zeek and JupyterLab
20/02/2026
RPC backdoor: implementing and detecting a backdoor
Hijacking a Microsoft protocol to turn it into a backdoor? In this article, focused on the Microsoft ecosystem, we'll see how to implement it and then detect …
22/01/2026
