Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting
NetwerkLABS

Powered By TEKGENX CONSULTING


Threat Intelligence

Threat Intelligence with MISP: Part 1 – Setting up MISP with Docker
Posted in Cyber Threat Intelligence and Advisory, Threat Hunting, Threat Intelligence

Step-by-Step Guide to Install MISP Using Docker on Ubuntu. In this guide, we will walk through the steps to install MISP (Malware Information Sharing Platform) using Docker on an Ubuntu server. Prerequisites: Before we begin,…
Posted by Bharath Narayanasamy. Tags: Threat Intel, MISP
Remote Monitoring and Management software used in phishing attacks
Posted in Threat Intel, ZyberAttacks, Threat Hunting

RMM software used in phishing attacks. Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, is invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these…
Posted by Bharath Narayanasamy
Threat Intelligence for SOC
Posted in Threat Intelligence

Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns to mitigate potential risks associated with existing or emerging threats targeting organisations, industries, sectors or governments. There are…
Posted by Bharath Narayanasamy. Tags: Threat Intel, threat_detection
Detection Engineering vs Threat Hunting
Posted in Threat Intelligence

DETECTION ENGINEERING: REINFORCING THE KNOWN. Threat detection is the process of identifying threats in an organization that are actively trying to attack the endpoints, networks, devices and systems. Unlike threat hunting, a threat detection is a…
Posted by Bharath Narayanasamy. Tags: threat_detection, detection_engineering
Custom detection rule with the MITRE ATT&CK framework in Splunk
Posted in Threat Intelligence

Let's walk through a practical example of creating a custom detection rule with the MITRE ATT&CK framework in Splunk. Example: Let's say we want to create a detection rule for the technique T1566.001 - "Phishing: Spearphishing Attachment"…
Posted by Bharath Narayanasamy
Investigate SQLi attacks using Splunk
Posted in Threat Intelligence

Here are a few Splunk queries that can help detect web application attacks:
Detecting SQL Injection Attacks: index=<your_index> sourcetype=<your_sourcetype> | search (request_uri=*' OR referer=*) AND (|inputlookup sql_injection_keywords.csv)
Detecting Cross-Site Scripting (XSS) Attacks: index=<your_index> sourcetype=<your_sourcetype> |…
Posted by Bharath Narayanasamy. Tags: splunk, SQLi
Threat Intelligence Tools – Abuse.ch
Posted in Threat Intelligence

Abuse.ch Platform. Abuse.ch is a research project hosted by the Institute for Cybersecurity and Engineering at the Bern University of Applied Sciences in Switzerland. It was developed to identify and track malware and botnets through several operational…
Posted by Bharath Narayanasamy. Tags: Threat Intel, abuse.ch
Threat Intelligence Tools – URLScan.io
Posted in Threat Hunting, Threat Intelligence

Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and crawling through websites to record activities and interactions. When a URL is submitted, the…
Posted by Bharath Narayanasamy. Tags: Threat Intel, URLScan.io
Threat Intelligence
Posted in Threat Hunting, Threat Intelligence

Threat Intelligence Foundation: Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns on how to mitigate potential risks associated with existing or emerging threats targeting organisations, industries,…
Posted by Bharath Narayanasamy. Tags: Threat Intel, URLScan.io

Copyright 2026 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.