Powered By TEKGENX CONSULTING
Bharath Narayanasamy 
Views: 3🛡️ For Cybersecurity Defensive Operations and IR/Threat Hunting 🔐 Authentication Events 🗝️ Account Management Events 📂 Object Access Events ✅ Note: Requires enabling object auditing via GPO and SACLs. 🧰 Privilege Use and Logon Types PRO Tip: Use Logon Type + Event 4624/4625 to spot RDP logins, scheduled tasks, or lateral movement attempts. ⚙️ … Read more
Views: 31When integrating Windows servers into your Security Information and Event Management (SIEM) platform, selecting the right log sources is crucial for effective threat detection while maintaining optimal system performance. This comprehensive guide outlines the essential Windows event logs to collect, explains their security significance, and provides a ready-to-deploy PowerShell script for configuration.
Views: 34In the realm of cybersecurity, especially within red teaming and penetration testing, Command and Control (C2) frameworks are pivotal. They facilitate the management of compromised systems, enabling operators to execute commands, maintain persistence, and exfiltrate data. Among the various C2 frameworks available, Covenant C2 stands out due to its unique features and capabilities. 🔍 … Read more
Views: 49Complete Active Directory Enumeration Using PowerView PowerView is a powerful PowerShell tool designed to perform detailed enumeration of Active Directory (AD) environments. It is widely used by penetration testers, red teamers, and security professionals to gather domain-related information, find privilege escalation paths, and map AD trust relationships. Below is a complete list of PowerView … Read more
Views: 91Pyrat is an easy-rated TryHackMe machine that simulates a running Python RAT on an open socket. The challenge involves leaking a GitHub account to gain access to the PyRat source code, which helps in understanding how the RAT operates and gain root access. Room Description: Enumeration Nmap Enumeration Nmap Results Looking at the results we got 2 ports open, 22 and 8000: Also … Read more
Views: 137Docker Setup on ParrotOS 6.3 In this tutorial, we’ll walk you through a foolproof, up-to-date method for getting Docker up and running on the latest release of Parrot OS (March, 2025).Because there’s no official release from Parrot OS (cmiiw), you need to install based on debian. Step 1: Remove any Incorrect Docker Repository Step 2: Add Docker’s Official … Read more
Views: 36We covered the deployment of Velociraptor Server and Client components in the first part of this series. You can read it here if you’re interested. This part of the series will walk you through the capabilities and features of Velociraptor. Exploring the Clients from the Server GUI Searching for Clients The option “Show All” … Read more
Views: 76Introduction In the ever-evolving world of Digital Forensics and Incident Response (DFIR), having a powerful tool at your disposal is essential. Velociraptor stands out as an advanced, open-source endpoint monitoring, digital forensics, and cyber response platform. Developed by DFIR professionals, it empowers teams to hunt for specific artifacts and monitor activity across a fleet … Read more
Views: 91Attack Simulation In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer this article which details the procedure to setup Caldera on ParrotOS. For this scenario, we will emulate the following … Read more
Views: 40Introduction MITRE Caldera is a powerful adversary emulation platform used for cybersecurity testing and red teaming. However, recent attempts to install Caldera on Ubuntu and Kali Linux have been met with issues—primarily due to the newer Python 3.13 versions. In contrast, installing Caldera on ParrotOS 6.3 (Lorikeet) has been a flawless experience. This blog … Read more