About

Pandora’s Box is my fourth attempt to migrate the blog engine to something new and more flexible compare to the old one. This blog is a place for cybersecurity technical-focused posts, especially in both offensive and defensive security. Mostly, the blog will be written in Thai to provide technical resources which rarely found in Thailand’s cybersecurity industry.

I’m a defensive security engineer whose also interested in offensive security tradecraft. Currently independent cyber security researcher, I was senior cybersecurity responder and the ex-leader of the Intelligent Response team at i-secure Co., Ltd. My expertise areas are including:

Incident handling and response
Digital forensics
Malware analysis and threat intelligence
Adversary simulation/emulation
Threat hunting and compromised assessment
Detection engineering

Experiences

Co-administrator for 2600Thailand community, and Red X Blue Pill Security Conference organizor
Official writer for Thai technology news webiste, Blognone
Visiting instructor on cyber security topic in Business and Financial Technology certificate program, Mahidol University
Instructor for the ExAcademy “ExSec” program on passive information gathering, fileless attack, lateral movement, and data exfiltration
Presented at MiSSConf(SP5) about incident assessment with MITRE ATT&CK framework
3rd Place Winner Award on Thailand’s Network Security Content 2016
Forensics analyst trainee at ThaiCERT
Winners of CAT Cyfence Cybercop Content 2015
Honorable Mention Award on Thailand CTF Competition 2015

Certifications

GIAC Reverse Engineering Malware (GREM) - 6282
GIAC Certified Incident Handler (GCIH) - 32837
EC-Council Certified Incident Handler (EHIC) - ECC88454796053

Contribution

mthc is an all-in-one bundle of MISP, TheHive and Cortex
crowdstrike-falcon-queries is a collection of Splunk’s Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
Contributed to misp-docker and minemeld-node-prototypes

Contact

Chat with me on Keybase
Email address p@pandora[.]sh