We discussed and introduced TheHive platform which is used as a security incident response platform for collaboration and exchanging of incident information.

Blue Team Study Notes

Burp Suite Study Notes

The Complete Practical Web Application Penetration Testing Course


TheHive Project is a scalable, open-source and freely available Security Incident Response Platform, designed to assist security analysts and practitioners working in SOCs, CSIRTs and CERTs to track, investigate and act upon identified security incidents in a swift and collaborative manner.

Security Analysts can collaborate on investigations simultaneously, ensuring real-time information pertaining to new or existing cases, tasks, observables and IOCs are available to all team members.

More information about the project can be found on https://thehive-project.org/ & their GitHub Repo.

Room Answers

Which open-source platform supports the analysis of observables within TheHive?


Which pre-configured account cannot manage any cases?


Which permission allows a user to create, update or delete observables?


Which permission allows a user to execute actions?


Where are the TTPs imported from?


According to the Framework, what type of Detection “Data source” would our investigation be classified under?

Network Traffic

Upload the pcap file as an observable. What is the flag obtained fromĀ https://MACHINE_IP//files/flag.html


Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles