Posted in BIG-IP LTM
Posted in Threat Intelligence
Threat Intelligence for SOC
Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns to mitigate against potential risks associated with existing or emerging threats targeting organisations,…
Threat Detection: Detecting a Webserver Attack
LAB Setup: Let's use the vulnerable DIWA (Deliberately Insecure Web Application), created by Tim Steufmehl, to set up the victim machine. Prepare a Linux machine with Docker installed. Follow the…
Posted in Threat Intelligence
Detection Engineering vs Threat Hunting
DETECTION ENGINEERING: REINFORCING THE KNOWN. Threat detection is the process of identifying threats that are actively trying to attack an organization's endpoints, networks, devices and systems. Unlike threat…
Posted in PROTECT
Linux System Hardening
Create a GRUB password with grub2-mkpasswd-pbkdf2. PBKDF2 stands for Password-Based Key Derivation Function 2. It is important to note that adding a password for GRUB is not available for systems deployed using cloud…
Posted in Threat Hunting
Yara 101
YARA is a powerful pattern-matching tool and rule format used for identifying and classifying files based on specific patterns, characteristics, or content. SOC analysts commonly use YARA rules to detect and…
Posted in CyBER Tools
NetworkMiner
NetworkMiner is an open source network forensics tool that extracts artifacts, such as files, images, emails and passwords, from captured network traffic in PCAP files. NetworkMiner can also be used to capture…
Posted in CyBER Tools
TCPView
TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP…