Detecting Active Directory Kerberos Attacks | HackTheBox Sherlocks Campfire-1 & 2
In this post, we covered the solution walkthroughs for two HackTheBox Sherlock challenges, which are, HackTheBox Campfire-1…
Blue Team
Linux Log Analysis Case Study | Detecting SSH Brute Force Attacks
We covered Linux authentication logs, log files locations in Linux, Linux log analysis tools available in Linux…
Incident Analysis with ELK Kibana | HTTP Logs Analysis | TryHackMe ItsyBitsy
We covered cyber incident analysis with ELK Kibana or Elastic Search. We covered http logs pulled from…
Splunk SIEM Basics For Beginners | TryHackMe Splunk: Basics
Introduction to Splunk We covered the basic fundamentals of Splunk for beginners. We explored data collection through…
Cyber Incident Investigation with Splunk | TryHackMe Investigating with Splunk
Introduction We covered investigating a cyber incident with splunk. We investigated the events generated on compromised windows…
Investigate an Infected Machine with Splunk | TryHackMe Benign
Introduction We covered investigating an infected windows machine using Splunk. We investigated Windows event logs and specifically…
Ransomware Investigation with Splunk | TryHackMe PS Eclipse
Introduction We used Splunk to investigate the ransomware activity on a Windows machine. The ransomware was downloaded…
Analyzing a Hacked WebServer With Wireshark | HackTheBox Intro To Blue Team | Chase
Introduction One of our web servers triggered an AV alert, but none of the sysadmins say they…
Security Onion Training
This post is a tutorial on using Security Onion OS tools such as Sguil and Wireshark for…