> whoami
Anthony DiMayo
Cybersecurity practitioner • Stevens grad • Homelab tinkerer
Recent Stevens Institute of Technology graduate (B.S. Business & Technology, concentrations in Computer Science and Economics) pursuing a career in cybersecurity. I learn networking and security continuously, and I build hands-on experience through a personal homelab running Proxmox with an Active Directory domain, SIEM, DFIR, and malware-analysis tooling.
> now · updated May 2026
What I'm working on
A rolling snapshot of current focus — updated regularly.
- Tuning Wazuh rules in the lab — reducing svchost noise without losing real Sysmon Event ID 1 detections.
- Working through TryHackMe SOC Level 2 paths alongside Velociraptor hunt exercises.
- Drafting a writeup on DLL search-order hijacking and how I'd detect it from endpoint telemetry.
- Preparing for the next certification — eyeing CySA+ as the natural step after Security+.
> featured
Selected work
A few projects that show how I think about security, automation, and Linux.
Home-Lab-Setup
Markdown · Documentation and configuration for the full homelab — Proxmox host, Active Directory domain, Wazuh SIEM, Velociraptor DFIR, pfSense, and a FlareVM malware analysis box.
DLL-Hijacking
Mixed · Notes and lab exercises exploring DLL search-order hijacking on Windows.
Linux-Host_Enumeration
Bash · Bash script that fingerprints a Linux host — users, SUID binaries, network state, services, and common post-exploitation surfaces.
> ~/notes
Recent writing
Short notes on detection, the lab, and whatever I happened to break this week.
- 1 min
DLL search-order hijacking
A short walkthrough of how Windows resolves DLLs, why the search order is exploitable, and what defenders can do about it.
- 1 min
Wiring Sysmon and PowerShell logging into Wazuh
Notes on getting Sysmon event IDs and PowerShell ScriptBlock logs into Wazuh, plus a VirusTotal enrichment that doesn't blow up your API quota.
- 1 min
Why I built this site
A quick note on what lives here, why the homelab matters, and what I plan to write about next.
> homelab
The lab is the classroom
A Dell PowerEdge R720 running Proxmox hosts an Active Directory domain, Wazuh SIEM, Velociraptor DFIR, pfSense, and a FlareVM malware analysis box.