Premise

In this video walkthrough, we covered part 2 of using Splunk in a security operations center. We investigated web application attacks and answered the 200-series questions in TryHackMe. This was part of Boss of the SOC v2.

 


Room Questions and Answers

Answer the questions below
What version of TOR Browser did Amber install to obfuscate her web browsing? Answer guidance: Numeric with one or more delimiter.

What is the public IPv4 address of the server running www.brewertalk.com?

Provide the IP address of the system used to run a web vulnerability scan against www.brewertalk.com.

The IP address from Q#2 is also being used by a likely different piece of software to attack a URI path. What is the URI path? Answer guidance: Include the leading forward slash in your answer. Do not include the query string or other parts of the URI. Answer example: /phpinfo.php

What SQL function is being abused on the URI path from the previous question?

What was the value of the cookie that Kevin’s browser transmitted to the malicious URL as part of an XSS attack? Answer guidance: All digits. Not the cookie name or symbols like an equal sign.

What brewertalk.com username was maliciously created by a spear phishing attack?

Room Link: Splunk 2
