Investigate an Infected Machine with Splunk | TryHackMe Benign
Introduction We covered investigating an infected windows machine using Splunk. We investigated Windows event logs and specifically process execution…
splunk
Ransomware Investigation with Splunk | TryHackMe PS Eclipse
Introduction We used Splunk to investigate the ransomware activity on a Windows machine. The ransomware was downloaded to the…
Investigating Conti Ransomware on Microsoft Exchange with Splunk | TryHackMe
In this post, we investigated the Conti ransomware that hit Microsoft Exchange via a series of vulnerabilities. We used…
Active Directory Privilege Escalation Through SeBackupPrivilege | TryHackMe Razor Black
Introduction In this video walkthrough, we covered Active Directory penetration testing and Privilege Escalation through techniques such as ASREProsting…
Investigating Compromised Machines with Splunk | TryHackMe Splunk3
Introduction In this video walkthrough, we covered investigating a compromised endpoint by going over the malicious events. Part of…
Investigating FTP with Splunk | TryHackMe Boss of the SOC v2
Premise In this video, we covered FTP investigation using splunk search queries. We used data from TryHackMe Splunk 2…
USB Attacks Investigation with Splunk | TryHackMe Splunk 2 Boss of the SOC v2
Premise In this video walkthrough, we covered investigating malware / ransomware usb attacks with splunk to unleash artifacts related…
Detecting SQL and XSS Web Application Attacks with Splunk | TryHackMe Splunk 2
Premise In this video walkthrough, we covered part 2 of using Splunk in a security operation center. We investigated…
Web Activity Investigation with Splunk | TryHackMe Splunk 2 Boss of the SOC V2
Premise In this video walkthrough, we covered how to investigate web activity for users with Splunk. TryHackMe Splunk 2…
Investigating Cerber Ransomware with Splunk | TryHackMe Boss of the SOC V1
Premise In this video walkthrough, we covered how to investigate the Cerber Ransomware and find its related artifacts in…