Blue Team
-
TShark: NOTES
TShark is an open-source command-line network traffic analyser. It is created by the Wireshark developers and has most of the features of…
-
Wireshark (Defensive)
Capture Filter Syntax These filters use byte offsets hex values and masks with boolean operators, and it is not easy to understand/predict…
-
Brim: NOTES
Brim vs Wireshark vs Zeek While each of them is powerful and useful, it is good to know the strengths and weaknesses of…
-
Ubuntu Zeek: NOTES
Category Command Purpose and Usage Category Command Purpose and Usage Basics View the command history:ubuntu@ubuntu$ history Execute the 10th command in history:…
-
OpenCTI: NOTES
Cyber Threat Intelligence is typically a managerial mystery to handle, with organisations battling with how to input, digest, analyse and present threat…
-
OSINT Tools: NOTES
Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and…
-
CTI: NOTES
Cyber Threat Intelligence (CTI) can be defined as evidence-based knowledge about adversaries, including their indicators, tactics, motivations, and actionable advice against them.…
-
UKC: NOTES
Threat modelling, in a cybersecurity context, is a series of steps to ultimately improve the security of a system. Threat modelling is…
-
MISP: NOTES
MISP – MALWARE INFORMATION SHARING PLATFORM MISP (Malware Information Sharing Platform) is an open-source threat information platform that facilitates the collection, storage and distribution of…
-
Cyber Kill Chain: NOTES
Reconnaissance is discovering and collecting information on the system and the victim. The reconnaissance phase is the planning phase for the adversaries.…
