Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting
NetwerkLABS

Powered By TEKGENX CONSULTING


Year: 2024

Wireshark 101 | Traffic Analysis and Investigation (PART 04)
Posted in: DFIR, DETECT, RESPOND

Encrypted Protocol Analysis: Decrypting HTTPS. When investigating web traffic, analysts often run across encrypted traffic. This is caused by using the Hypertext Transfer Protocol Secure (HTTPS) protocol for enhanced security…

Posted by zyberbkay
Wireshark 101 | Traffic Analysis and Investigation (PART 03)
Posted in: IDENTIFY, DETECT, RESPOND

Investigate Tunnelling Traffic: ICMP and DNS. Traffic tunnelling (also known as "port forwarding") is the transfer of data or resources by a secure method to other network segments and zones. It can be used for "internet…

Posted by zyberbkay
Concepts of Forensic Imaging
Posted in: DFIR

Core Concepts. The process of imaging a disk starts by identifying the target drive, preparing it for imaging, and then creating the image file, which is later verified for integrity…

Posted by Bharath Narayanasamy
Wireshark 101 | Traffic Analysis and Investigation (PART 02)
Posted in: IDENTIFY, DETECT, RESPOND

Identifying Hosts. When investigating a compromise or malware infection, a security analyst should know how to identify the hosts on the network by means other than matching IP addresses to MAC addresses…

Posted by Bharath Narayanasamy
Wireshark 101 | Traffic Analysis and Investigation (PART 01)
Posted in: Threat Detection and Incident Response

Wireshark: Traffic Analysis. Display Filter Reference. Investigating Nmap scans: Nmap is an industry-standard tool for mapping networks, identifying live hosts and discovering services. As it is one of the…

Posted by Bharath Narayanasamy
Endpoint Detection and Response (EDR): Lima Charlie (Part 01)
Posted in: Cyber Threat Intelligence and Advisory, DETECT, RESPOND

Introduction to Endpoint Detection and Response (EDR). Endpoint Detection and Response (EDR) is a cybersecurity solution designed to detect, investigate, and respond to threats at the endpoint level. Endpoints include…

Posted by Bharath Narayanasamy
SNORT 101 (Part 03)
Posted in: DETECT, PROTECT, RESPOND

Snort Rules. Each rule should have an action type, a protocol, source and destination IP addresses, source and destination ports, and an options block. Remember, Snort is in passive mode by default…

Posted by Bharath Narayanasamy
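The rule structure named in this excerpt (action, protocol, source and destination addresses and ports, then an options block) is exactly what a rule linter checks before a rule is loaded. The following Python is an added example written for this page, not code from the Snort project or from the original post: it parses Snort 2-style rule text into those seven header fields, splits the options on semicolons while respecting quoted values and escaped quotes, and reports malformed rules. The action and protocol sets, the requirement that every rule carries a sid, and the sample rules are this example's own simplifications and constructed input.

```python
"""Minimal Snort 2 rule parser/linter (illustrative, not Snort's own parser)."""
from dataclasses import dataclass, field

# Subset of Snort actions/protocols (assumption: enough for the samples below).
ACTIONS = {"alert", "log", "pass", "drop", "reject", "sdrop"}
PROTOCOLS = {"tcp", "udp", "icmp", "ip"}
DIRECTIONS = {"->", "<>"}


@dataclass
class SnortRule:
    action: str
    protocol: str
    src_ip: str
    src_port: str
    direction: str
    dst_ip: str
    dst_port: str
    # keyword -> list of values (a rule may repeat e.g. content:); flags map to [""]
    options: dict = field(default_factory=dict)


def _split_options(body: str) -> dict:
    """Split 'k:v; k:v; flag;' on ';' while ignoring ';' inside double quotes."""
    opts: dict = {}
    current: list = []
    in_quote = False
    i = 0
    while i < len(body):
        ch = body[i]
        if in_quote and ch == "\\" and i + 1 < len(body):
            current.extend((ch, body[i + 1]))  # keep escaped char, e.g. \"
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        if ch == ";" and not in_quote:
            token = "".join(current).strip()
            if token:
                key, _, value = token.partition(":")
                opts.setdefault(key.strip(), []).append(value.strip())
            current = []
        else:
            current.append(ch)
        i += 1
    if in_quote:
        raise ValueError("unterminated quoted value in options")
    if "".join(current).strip():
        raise ValueError("every option must be terminated with ';'")
    return opts


def parse_rule(text: str) -> SnortRule:
    """Parse one rule line; raise ValueError describing the first problem found."""
    text = text.strip()
    open_idx = text.find("(")
    if open_idx == -1 or not text.endswith(")"):
        raise ValueError("rule needs an options block in parentheses")
    header = text[:open_idx].split()  # assumption: no spaces inside [a,b] lists
    if len(header) != 7:
        raise ValueError(f"header must have 7 fields, got {len(header)}: {header}")
    action, proto, src_ip, src_port, direction, dst_ip, dst_port = header
    if action not in ACTIONS:
        raise ValueError(f"unknown action {action!r}")
    if proto not in PROTOCOLS:
        raise ValueError(f"unknown protocol {proto!r}")
    if direction not in DIRECTIONS:
        raise ValueError(f"direction must be -> or <>, got {direction!r}")
    options = _split_options(text[open_idx + 1:-1])
    if "sid" not in options:
        raise ValueError("rule has no sid")
    return SnortRule(action, proto, src_ip, src_port, direction, dst_ip, dst_port, options)


def check_rules(rules_text: str):
    """Lint a rules file; return (parsed rules, [(line_no, error), ...])."""
    parsed, errors = [], []
    for line_no, line in enumerate(rules_text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank or comment line
        try:
            parsed.append(parse_rule(line))
        except ValueError as exc:
            errors.append((line_no, str(exc)))
    return parsed, errors


# Constructed sample rules for this example (not from the original page).
SAMPLE_RULES = r"""
# three well-formed rules followed by two broken ones
alert icmp any any -> $HOME_NET any (msg:"ICMP echo request"; itype:8; sid:1000001; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"Nmap user-agent; scanner"; content:"Nmap"; nocase; sid:1000002; rev:1;)
drop tcp any any -> any 22 (msg:"Escaped \"quote\" in msg"; sid:1000003; rev:2;)
alert tcp any any => any 80 (msg:"bad direction"; sid:1000004;)
alert tcp any any -> any 443 (msg:"missing sid"; rev:1;)
"""

if __name__ == "__main__":
    ok, bad = check_rules(SAMPLE_RULES)
    for rule in ok:
        print(f"OK   {rule.action} {rule.protocol} {rule.src_ip}:{rule.src_port} "
              f"{rule.direction} {rule.dst_ip}:{rule.dst_port} sid={rule.options['sid'][0]}")
    for line_no, err in bad:
        print(f"FAIL line {line_no}: {err}")
```

Running the block as a script lints the constructed sample: the first three rules parse, the rule with `=>` fails the direction check and the last one is rejected for lacking a sid. Semicolons inside a quoted msg do not split the options because the splitter tracks quote state.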
SNORT 101 (Part 02)
Posted in: RESPOND, DETECT

SNORT in IDS/IPS mode. Alert output in IDS/IPS mode is controlled with the "-A" parameter. There are several alert modes available in Snort: console provides fast-style alerts on the console screen; cmg provides basic header details with payload…

Posted by Bharath Narayanasamy
Snort 101 (Part 01)
Posted in: DETECT, PROTECT, Threat Detection and Incident Response

Intrusion Detection System (IDS). An IDS is a passive monitoring solution for detecting possible malicious activity or patterns, abnormal events, and policy violations. It is responsible for generating alerts for each suspicious event. There…

Posted by Bharath Narayanasamy
Splunk SIEM: Search Processing Language (SPL) Basics
Posted in: Splunk, Exploring SPL

The Splunk Search Processing Language comprises multiple functions, operators and commands that are combined to form simple to complex searches and get the desired results from the ingested…

Posted by Bharath Narayanasamy



Copyright 2025 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.