Study Notes
-
BlackBox UploadVuln
We'll look at this as a step-by-step process. Let's say that we've been given a website to perform a security audit on.…
-
Layer 2 Security:LAB
DHCP Snooping, Dynamic ARP inspection, Port Security Exercise 4 – Configuring Layer 2 Security Features Sometimes a network could have traffic that…
-
SIEM: NOTES
What is SIEM SIEM stands for Security Information and Event Management system. It is a tool that collects data from various endpoints/network devices across the…
-
Wazuh: WALKTHROUGH
[INCOMPLETE] Created in 2015, Wazuh is an open-source, freely available and extensive EDR solution. It can be used in all scales of environments. Wazuh…
-
Endpoint Security: NOTES
Wazuh Wazuh is an open-source, freely available, and extensive EDR solution, which Security Engineers can deploy in all scales of environments. Wazuh operates on…
-
TShark: NOTES
TShark is an open-source command-line network traffic analyser. It is created by the Wireshark developers and has most of the features of…
-
Wireshark (Defensive)
Capture Filter Syntax These filters use byte offsets hex values and masks with boolean operators, and it is not easy to understand/predict…
-
Brim: NOTES
Brim vs Wireshark vs Zeek While each of them is powerful and useful, it is good to know the strengths and weaknesses of…
-
Ubuntu Zeek: NOTES
Category Command Purpose and Usage Category Command Purpose and Usage Basics View the command history:ubuntu@ubuntu$ history Execute the 10th command in history:…
-
OpenCTI: NOTES
Cyber Threat Intelligence is typically a managerial mystery to handle, with organisations battling with how to input, digest, analyse and present threat…