Security Researcher & Incident Responder

Documenting adversary tradecraft.
One artifact at a time.

This site is a living record of a real-world DFIR investigation following a directed 0-day attack on a Windows workstation. Each post walks through a phase of the response — from initial triage to root cause analysis — with the goal of turning an incident into a demonstrable skillset.

Log Entries: 0
Active Investigations: 1
Initial Vector: TBD
Target Platform: Win11 Pro

Latest Log Entries

Background

My name is Roman Hunt. I am a Systems Administrator and Information Security researcher with a focus on incident response, system and cloud security, and reverse engineering.

This portfolio is built around a single, real incident — a directed attack on a personal Windows workstation — documented with the rigor of a professional incident response engagement.

DFIR · Threat Hunting · Malware Analysis · Windows Forensics · Log Analysis · IOC Development

DFIR Investigation Log

Directed 0-day attack · Windows workstation · Ongoing