In this video walkthrough, we covered part 2 of using Splunk in a security operations center. We investigated web application attacks and answered the 200-series questions on TryHackMe. This was part of Boss of the SOC v2.

Room Questions and Answers

What version of TOR Browser did Amber install to obfuscate her web browsing? Answer guidance: Numeric with one or more delimiter.

What is the public IPv4 address of the server running

Provide the IP address of the system used to run a web vulnerability scan against

The IP address from Q#2 is also being used by a likely different piece of software to attack a URI path. What is the URI path? Answer guidance: Include the leading forward slash in your answer. Do not include the query string or other parts of the URI. Answer example: /phpinfo.php

What SQL function is being abused on the URI path from the previous question?

What was the value of the cookie that Kevin’s browser transmitted to the malicious URL as part of an XSS attack? Answer guidance: All digits. Not the cookie name or symbols like an equal sign.

What username was maliciously created by a spear phishing attack?

Room Link: Splunk 2


