Live Tracking

🐑work in progress, always

Hey, I'm
RedSheep.

CTI analyst turned intelligence engineer. I don't just consume intel — I build the systems, detections, and tools that make it actionable. And I make beats when I need to decompress.

About Me Listen to Some Beats

Threat Intel

Live from the trackers.

All trackers →

Loading latest CVEs...

Loading ransomware activity...

Loading EPSS data...

Loading activity...

What I Do

The day job and the side quests.

🔍

Threat Intelligence

Collecting and analyzing CTI, tracking threat actors, and staying ahead of what's moving.

🎯

Threat Hunting

Hypothesis-driven, MITRE-mapped hunts. Looking for the stuff automated tools miss.

🛡

Detection Engineering

Writing detection rules, tuning alerts, reducing noise. If it fires, it should mean something.

🔧

Building Things

Hardware, firmware, tools, whatever scratches the itch. If it doesn't exist, build it.

Other Interests

Things I spend time on outside the main work.

▸Honeypots & threat telemetry

▸Firmware dev & embedded systems

▸SDR & radio hacking

▸Making beats (HiBeatSheep)

▸Building tools that should exist

Stay informed

Strategic assessments, threat intel reports, and IOCs — published regularly.

Reports