Posted inPractical LABS
Install Docker on ParrotOS
Docker Setup on ParrotOS 6.3 In this tutorial, we’ll walk you through a foolproof, up-to-date method for getting Docker up and running on the latest release of Parrot OS (March,…
Posted inDFIR
Hunting the hunters: DFIR with Velociraptor (PART-II)
We covered the deployment of Velociraptor Server and Client components in the first part of this series. You can read it here if you're interested. This part of the series…
Posted inDFIR
Hunting the hunters: DFIR with Velociraptor (PART-I)
Introduction In the ever-evolving world of Digital Forensics and Incident Response (DFIR), having a powerful tool at your disposal is essential. Velociraptor stands out as an advanced, open-source endpoint monitoring,…
Posted inRED TEAM
Caldera: Simulating a Complete Attack Chain
Attack Simulation In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective.…
Posted inRED TEAM
Installing Caldera on ParrotOS: A Smoother Experience Compared to Ubuntu and Kali Linux
Introduction MITRE Caldera is a powerful adversary emulation platform used for cybersecurity testing and red teaming. However, recent attempts to install Caldera on Ubuntu and Kali Linux have been met…
Posted inSOC Analyst BLUE TEAM Vulnerability Scanning
Vulnerability Management: FARADAY
Faraday: Open Source Vulnerability Manager Faraday is a powerful open-source vulnerability management platform designed to help cybersecurity teams streamline their pentesting, vulnerability assessment, and remediation processes. Built with a collaborative…
Posted inRED TEAM
Atomic Red Team – A Framework for Threat Emulation: PART II
This is the PART II article in the Atomic RED series. Please follow this link to read PART I of the series. Listing Atomic Techniques We can use the parameters…
Posted inRED TEAM
Atomic Red Team – A Framework for Threat Emulation: PART I
Overview What is Atomic Red Atomic Red Team is an open-source framework designed for security testing and threat emulation. It allows security professionals to simulate real-world cyberattacks and assess the…
Posted inSplunk Splunk Basics
Data Manipulation in Splunk: PART II
Event Boundaries Event breaking in Splunk refers to breaking raw data into individual events based on specified boundaries. Splunk uses event-breaking rules to identify where one event ends, and the next begins. In the…
Posted inSplunk Basics Splunk
Data Manipulation in Splunk: PART I
Splunk Log Parsing and Transformation Configuration Splunk needs to be properly configured to parse and transform the logs appropriately. Some of the issues being highlighted are: Event Breaking: Ensure Splunk…