Bharath Narayanasamy

Data Manipulation in Splunk: PART I

Splunk Log Parsing and Transformation Configuration Splunk needs to be properly configured to parse and transform the logs appropriately. Some of the issues being highlighted are: Event Breaking: Ensure Splunk…

Bharath Narayanasamy

Threat Hunting SOC Analyst Splunk

Regular Expressions

Regular Expressions: Charsets Searching for Specific Strings Use grep 'string' <file> to search for an exact match. To find patterns rather than exact strings, Regular Expressions (regex) are used. Charsets…

Bharath Narayanasamy

Attacking Active Directory Active Directory

Active Directory Domain Service (AD DS)

Overview AD DS acts as a catalog for all objects in a network (users, groups, machines, printers, etc.). Some objects, such as users and machines, are security principals, meaning they…

Bharath Narayanasamy

GRC

GRC 101: SimpleRisk Core (Community Edition)

What is SimpleRisk CORE (Community Edition)? SimpleRisk CORE (Community Edition) is an open-source Governance, Risk, and Compliance (GRC) tool designed to help organizations identify, assess, and manage risks effectively. It…

Bharath Narayanasamy

PenTest Metasploit

Metasploit Cheat Sheet

MSFconsole Commands CommandDescriptionshow exploitsShow all exploits within the Framework.show payloadsShow all payloads within the Framework.grep meterpreter show payloadsgrep meterpreter grep reverse_tcp show payloadsMSF - Searching for Specific Payloadshow auxiliaryShow all…

Bharath Narayanasamy

Enumeration

Shodan 101

Shodan is a search engine for Internet-connected devices.It lets users search for various types of servers (webcams, routers, servers, etc.) connected to the internet using a variety of filters.Some have…

Bharath Narayanasamy

DFIR

Concepts of Forensic Imaging

Core Concepts The process of imaging a disk starts by identifying the target drive, preparing it for imaging, and then creating the image file which is later verified for integrity.…

Bharath Narayanasamy

RESPOND IDENTIFY DETECT

Wireshark 101 | Traffic Analysis and Investigation (PART 02)

Identifying Hosts When investigating a compromise or malware infection activity, a security analyst should know how to identify the hosts on the network apart from IP to MAC address match.…

Bharath Narayanasamy

Threat Detection and Incident Response

Wireshark 101 | Traffic Analysis and Investigation (PART 01)

Wireshark: Traffic Analysis Display Filter Reference Investigating Nmap scans Nmap is an industry-standard tool for mapping networks, identifying live hosts and discovering the services. As it is one of the…

Bharath Narayanasamy

DETECT RESPOND CyBER Tools

Endpoint Detection and Response (EDR) : Lima Charlie (Part 01)

Introduction to Endpoint Detection and Response (EDR) Endpoint Detection and Response (EDR) is a cybersecurity solution designed to detect, investigate, and respond to threats at the endpoint level. Endpoints include…

Bharath Narayanasamy