-
Investigating With Splunk: WALKTHROUGH
SOC Analyst Johny has observed some anomalous behaviours in the logs of a few Windows machines. It looks like the adversary has access to some of these machines and has successfully created a backdoor. His manager has asked him to pull those logs from the suspected hosts and ingest them…
-
BlackBox UploadVuln
We'll look at this as a step-by-step process. Let's say that we've been given a website to perform a security audit on. Assuming that our malicious file upload has been stopped by the server, here are some ways to ascertain what kind of server-side filter…
-
Splunk Incident Handling: WALKTHROUGH
This room covers an incident handling scenario using Splunk. An incident, from a security perspective, is defined as follows: "Any event or action that has a negative consequence on the security of a user/computer or an organization is considered a security incident." Below are a few of the…
-
Splunk: Basics: WALKTHROUGH
Splunk is one of the leading SIEM solutions in the market that provides the ability to collect, analyze and correlate the network and machine logs in real-time. In this room, we will explore the basics of Splunk and its functionalities and how it provides better visibility of network activities…
-
ItsyBitsy (ELK): WALKTHROUGH
In this challenge room, we will take on a simple challenge: investigating an IDS alert regarding potential C2 communication. Room Machine: Before moving forward, deploy the machine. When you deploy the machine, it will be assigned an IP. Machine IP: MACHINE_IP. The machine will take up to…
-
ELK 101: WALKTHROUGH
In this room, we will learn how to use the Kibana interface to search, filter, and create visualizations and dashboards while investigating VPN logs for anomalies. This room also gives a brief overview of the Elastic Stack components and how they work together. Learning Objective: This room has the…
-
Challenge: Monday Monitor: WALKTHROUGH
Scenario Swiftspend Finance, the coolest fintech company in town, is on a mission to level up its cyber security game to keep those digital adversaries at bay and ensure their customers stay safe and sound. Led by the tech-savvy Senior Security Engineer John Sterling, Swiftspend’s…
-
Access Lists: LAB
Welcome to the Applying Security Protocols Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills. In this module, you will complete the following exercises: After completing this lab, you will be able to: Exam Objectives The…
-
Dell Inspiron 15 3515
I recently purchased a refurbished Dell Inspiron 15 3515 (AMD Ryzen 5 3450U, 2.1 GHz) for an amazingly low price. As with all things that are too good to be true, I expected to run into some issues with the device. Right out of the box…
