Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting

NetwerkLABS

Powered By TEKGENX CONSULTING

Posted in RED TEAM

The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: II)

Disclaimer “This guide is for authorized testing in a controlled environment. Obtain written approval before sending any simulated emails.” SekurFinCorp: Phishing Simulation (Credential Capture via a Realistic Banking Lure) In…
Posted by Bharath Narayanasamy

Posted in RED TEAM

The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: I)

Disclaimer “This guide is for authorized testing in a controlled environment. Obtain written approval before sending any simulated emails.” Installing GoPhish on Ubuntu 24.04 GoPhish provides a complete platform to…
Posted by Bharath Narayanasamy

Posted in RED TEAM

RED Teaming: Mythic C2 Framework

Disclaimer: This post is created solely for educational and research purposes. The techniques, tools, and concepts discussed are intended to enhance cybersecurity awareness and skills by demonstrating how offensive security testing works. Unauthorized…
Posted by Bharath Narayanasamy

Posted in RED TEAM, OpenBAS

Installing OpenBAS: The OpenSource Breach and Attack Simulation

Introduction In today's rapidly evolving cybersecurity landscape, organizations need robust tools to test their security posture and validate their defenses. OpenBAS (Open Breach and Attack Simulation) emerges as a powerful…
Posted by Bharath Narayanasamy

Posted in VulnLAB

Metasploit Framework (MSFconsole) Cheatsheet

Disclaimer: This post is created solely for educational and research purposes. The techniques, tools, and concepts discussed are intended to enhance cybersecurity awareness and skills by demonstrating how offensive security…
Posted by Bharath Narayanasamy

Posted in VulnLAB

OpenCTI – Open Source Threat Intelligence Platform: PART I

OpenCTI (Open Cyber Threat Intelligence Platform) is a powerful open-source solution designed to help security teams collect, store, organize, and visualize threat intelligence in a structured way. Whether you’re a…
Posted by Bharath Narayanasamy

Posted in Threat Intelligence

Investigate SQLi attacks using Splunk

Sure! Here are a few Splunk queries that can help detect web application attacks: Detecting SQL Injection Attacks: index=<your_index> sourcetype=<your_sourcetype> | search (request_uri=*' OR referer=*) AND (|inputlookup sql_injection_keywords.csv) Detecting Cross-Site…
Posted by Bharath Narayanasamy

Posted in SOC Analyst

Cybersecurity playbook for SOC

Developing a comprehensive cybersecurity playbook for a Security Operations Center (SOC) requires a systematic approach to address various aspects of cybersecurity operations. Below is a suggested structure for a SOC…
Posted by Bharath Narayanasamy

Posted in Privilege Escalation

Linux Privilege Escalation Techniques

Linux privilege escalation techniques involve methods that allow a user to gain higher privileges or escalate their existing privileges to gain unauthorized access or perform actions they wouldn't typically be…
Posted by Bharath Narayanasamy

Posted in Threat Hunting, Threat Detection and Incident Response

Splunk Threat Hunting – Windows Events

When performing threat hunting using Splunk on Windows systems, there are several important queries you can use to identify potential threats and security incidents. Here are some examples: Detecting Suspicious…
Posted by Bharath Narayanasamy

Posted in Threat Detection and Incident Response

Windows Event IDs to monitor/investigation

SOC (Security Operations Center) teams typically monitor various Windows event IDs to detect and respond to security incidents. While the specific event IDs may vary depending on the organization's security…
Posted by Bharath Narayanasamy

Posted in Privilege Escalation

Privilege Escalation – WINDOWS

Post Exploit Enumeration # Basics systeminfo hostname systeminfo | findstr /B /C:"OS Name" /C:"OS Version" # Who am I? whoami echo %username% # What users/localgroups are on the machine? net…
Posted by Bharath Narayanasamy

Posted in Enumeration

CrackMapExec Cheat Sheet

Posted by Bharath Narayanasamy

Posted in Cisco ISE

Cisco ISE licensing

Cisco ISE licenses Source: Cisco Evaluation Cisco ISE, upon installation, grants a 90-day Evaluation license that supports 100 endpoints and enables all Cisco ISE features. You can set up a…
Posted by Bharath Narayanasamy

Posted in Practical LABS, VulnLAB

VulnHUB PwnBox-init: Walkthrough

Lab setup Enumeration Nmap scan └─$ nmap -sC -sV -p- -A -T5 172.16.1.116 -oN pwnbox.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-05-01 16:21 CEST Nmap scan report for 172.16.1.116…
Posted by Bharath Narayanasamy

Posted in Privilege Escalation

Linux Privilege Escalation: The PATH Environment Variable (PATH Abuse)

LAB setup Attack Box: KALI Linux or ParrotOS Victim machine: VulnHUB VM: OS-Bytesec Initial Access Read this article to learn how to gain initial access to the victim machine. SSH…
Posted by Bharath Narayanasamy

Copyright 2025 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.