Skip to content
-
Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting

NetwerkLABS

Powered By TEKGENX CONSULTING

  • Home
  • BLUE TEAM
    • MITRE ATT&CK
    • INFOSEC Governance and Regulation
      • NIST
        • IDENTIFY
        • PROTECT
        • DETECT
        • RESPOND
        • RECOVER
      • Risk Management
    • SOC
      • Threat Detection and Incident Response
        • Threat Detection EngineeringA practical course on Threat Detection Engineering using Elastic SIEM/EDR
        • Threat Hunting
          • Traffic Analysis
        • Splunk
          • Splunk Basics
          • Understanding Log Sources
          • Dashboards and Reports
          • Exploring SPL
          • Incident Handling with Splunk
          • Investigating with Splunk
    • Security+
    • Scripting
      • Bash Scripting
      • Python
      • ZyBER-TOOLS
  • ZyBER-SERIES
    • Wazuh – SIEM and XDRThe Open Source Security Platform that provides Unified XDR and SIEM protection for endpoints and cloud workloads
    • Attack and Defend Active Directory
    • Offensive Testing Enterprise Networks
    • Threat Detection EngineeringA practical course on Threat Detection Engineering using Elastic SIEM/EDR
    • F5 Local Traffic Manager (LTM)F5 Local Traffic Manager (LTM)
    • Incident Response and Forensics
    • Red Team Engagements
  • ZyBER-INTEL
  • ZyBER-NEWS
  • Cookie Policy (EU)
Subscribe
Top Stories
Metasploit: Quick Reference Sheet
HAVOC C2: COMMAND & CONTROL FRAMEWORK [PART – I]
Wireshark Threat Hunting – From Packets to Indicators [HTTP: DEEP-DIVE]
SETUP DVWA ON WINDOWS
Wireshark Threat Hunting – From Packets to Indicators [SMB: DEEP-DIVE]
Wireshark Threat Hunting – From Packets to Indicators
Nmap Cheat Sheet
The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: II)
The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: I)
RED Teaming: Mythic C2 Framework
Installing OpenBAS: The OpenSource Breach and Attack Simulation
Metasploit Framework (MSFconsole) Cheatsheet
OpenCTI – Open Source Threat Intelligence Platform: PART I
SIEM: Onboarding WIndows Servers
Command & Control Mastery with Covenant C2: PART-I
Active Directory Enumeration with PowerView
TryHackMe: PyRAT
Install Docker on ParrotOS
Hunting the hunters: DFIR with Velociraptor (PART-II)
Hunting the hunters: DFIR with Velociraptor (PART-I)
Caldera: Simulating a Complete Attack Chain
Installing Caldera on ParrotOS: A Smoother Experience Compared to Ubuntu and Kali Linux
Vulnerability Management: FARADAY
Atomic Red Team – A Framework for Threat Emulation: PART II
Atomic Red Team – A Framework for Threat Emulation: PART I
Data Manipulation in Splunk: PART II
Data Manipulation in Splunk: PART I
Regular Expressions
Active Directory Domain Service (AD DS)
GRC 101: SimpleRisk Core (Community Edition)
Metasploit Cheat Sheet
Shodan 101
Wireshark 101 | Traffic Analysis and Investigation (PART 04)
Wireshark 101 | Traffic Analysis and Investigation (PART 03)
Concepts of Forensic Imaging
Wireshark 101 | Traffic Analysis and Investigation (PART 02)
Wireshark 101 | Traffic Analysis and Investigation (PART 01)
Endpoint Detection and Response (EDR) : Lima Charlie (Part 01)
SNORT 101 (Part 03)
SNORT 101 (Part 02)
Snort 101 (Part 01)
Splunk SIEM: Search Processing Language (SPL) Basics
 Ship OPNSense Firewall Logs To Splunk SIEM
Wazuh: VirusTotal Integration
Operationalizing Security: CALDERA Meets WAZUH (PART II)
Operationalizing Security: CALDERA Meets WAZUH (PART I)
(TryHackMe) Servidae: Log Analysis in ELK
TD_003
Threat Detection Engineering
Log Analysis: Basics
Splunk SIEM: Exploring SPL
Threat Intelligence with MISP: Part 1 – Setting up MISP with Docker
Thraet_Detect_TWO
Useful Windows Event IDs
Yara
Web Attacks
close up view of system hacking
NIST Cybersecurity Framework (CSF) and ISO/IEC 27001
close up view of system hacking
Digital Operational Resilience Act (DORA)
Test Page
CTI_June2024: Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
TD_003
Wazuh: Detecting Web Attacks
TD_003
Ingesting OPNsense logs into Wazuh SIEM
THREAT EMULATION: Introduction
Decoding
IR_002
Code Obfuscation and Deobfuscation
Incident Response
Remote Monitoring and Management software used in phishing attacks
Pyramid of Pain
MISP (Malware Information Sharing Platform)
SOC Home LAB: Elastic SIEM Installation
Incident Report Template
Windows Event Logs
Wireshark 101 | Packet Operations
SOC Tools and Useful Links
ELASTIC SIEM: Kibana Query Language (KQL) 
MITRE Framework
GOAD v2 Installation
DFIR: Core Windows Processes
Remotely Upgrading Wazuh Agents – CLI Method
L4 – L7 Load Balancing
BIG-IP LTM: Deployment Models
BIG-IP LTM: Load Balancing Methods
Threat Intelligence for SOC
Threat Detection: Detecting a Webserver Attack
Detection Engineering vs Threat Hunting
Linux System Hardening
DFIR: Linux File System Analysis
Yara 101
NetworkMiner
TCPView
Intro to Practical Enterprise Pentesting
High-Risk Vulnerabilities in ConnectWise ScreenConnect and Remediation procedure
AD Attacks & Tools Timeline
AD Fundamentals
Breaching AD
Cyber Kill Chain
Splunk SPL 101
Practical Threat Hunting using Elastic SIEM: Hunting for Stuxbot
Netminer
Introduction to Network Forensics
Wireshark: 802.11 Denial of Service
Analysis with Wireshark
Posted inMetasploit RED TEAM

Metasploit: Quick Reference Sheet

Metasploit / msfvenom / Meterpreter Cheat Sheet // Metasploit Framework Cheat Sheet msfconsole, msfvenom payload generation, and Meterpreter post-exploitation reference for adversary simulation, purple team exercises, and detection engineering. Commands mapped to MITRE ATT&CK where applicable.…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Posted inRED TEAM

HAVOC C2: COMMAND & CONTROL FRAMEWORK [PART – I]

A deep-dive into deploying and operating Havoc — the modern, open-source post-exploitation C2 framework built for red teams and purple team simulation labs. From installation and team server configuration to listener setup, payload generation, and agent…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Posted inSOC Analyst Traffic Analysis Threat Detection and Incident Response

Wireshark Threat Hunting – From Packets to Indicators [HTTP: DEEP-DIVE]

HTTP/HTTP2 Deep-Dive — Wireshark DFIR // HTTP / HTTP2 — Deep-Dive Filter Reference Granular Wireshark display filters for HTTP/1.1 and HTTP/2 — request methods, path & file access, credential extraction, brute force detection, SQL injection, XSS,…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Posted inRED TEAM

SETUP DVWA ON WINDOWS

Introduction to DVWA Damn Vulnerable Web Application (DVWA) is one of the most widely used platforms for learning and practicing web application security testing. As the name suggests, it is a deliberately vulnerable web application designed…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Posted inSOC Analyst Traffic Analysis Threat Detection and Incident Response

Wireshark Threat Hunting – From Packets to Indicators [SMB: DEEP-DIVE]

SMB & Windows Auth Deep-Dive — Wireshark DFIR // SMB & Windows Auth — Deep-Dive Filter Reference Granular Wireshark display filters for SMB2 file & share access (paths, users, operations, error codes), NTLM authentication flow, Kerberos…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Posted inSOC Analyst Traffic Analysis Threat Detection and Incident Response

Wireshark Threat Hunting – From Packets to Indicators

Wireshark DFIR Cheat Sheet // Wireshark DFIR Cheat Sheet Display filters, detection techniques, traffic analysis workflows, and TShark CLI commands for Digital Forensics & Incident Response. Filters are mapped to MITRE ATT&CK where applicable. Wireshark 4.x…
Continue Reading
Posted by Avatar photo Bharath Narayanasamy
Caldera: Simulating a Complete Attack Chain
Posted inRED TEAM

Caldera: Simulating a Complete Attack Chain

Attack Simulation In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer this…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: Elastic, wazuh, caldera, ELK
Installing Caldera on ParrotOS: A Smoother Experience Compared to Ubuntu and Kali Linux
Posted inRED TEAM

Installing Caldera on ParrotOS: A Smoother Experience Compared to Ubuntu and Kali Linux

Introduction MITRE Caldera is a powerful adversary emulation platform used for cybersecurity testing and red teaming. However, recent attempts to install Caldera on Ubuntu and Kali Linux have been met with issues—primarily due to the newer…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: caldera, parrotOS
Vulnerability Management: FARADAY
Posted inSOC Analyst BLUE TEAM Vulnerability Scanning

Vulnerability Management: FARADAY

Faraday: Open Source Vulnerability Manager Faraday is a powerful open-source vulnerability management platform designed to help cybersecurity teams streamline their pentesting, vulnerability assessment, and remediation processes. Built with a collaborative and automation-driven approach, Faraday enables security…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: faraday, vuln
Atomic Red Team – A Framework for Threat Emulation: PART II
Posted inRED TEAM

Atomic Red Team – A Framework for Threat Emulation: PART II

This is the PART II article in the Atomic RED series. Please follow this link to read PART I of the series. Listing Atomic Techniques We can use the parameters - ShowDetailsBrief and ShowDetails that provide the details inside…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: Atomic RED
Atomic Red Team – A Framework for Threat Emulation: PART I
Posted inRED TEAM

Atomic Red Team – A Framework for Threat Emulation: PART I

Overview What is Atomic Red Atomic Red Team is an open-source framework designed for security testing and threat emulation. It allows security professionals to simulate real-world cyberattacks and assess the effectiveness of security controls and incident…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: Atomic RED
Data Manipulation in Splunk: PART II
Posted inSplunk Splunk Basics

Data Manipulation in Splunk: PART II

Event Boundaries Event breaking in Splunk refers to breaking raw data into individual events based on specified boundaries. Splunk uses event-breaking rules to identify where one event ends, and the next begins. In the PART I of this series, we…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: splunk
Data Manipulation in Splunk: PART I
Posted inSplunk Splunk Basics

Data Manipulation in Splunk: PART I

Splunk Log Parsing and Transformation Configuration Splunk needs to be properly configured to parse and transform the logs appropriately. Some of the issues being highlighted are: Event Breaking: Ensure Splunk correctly breaks events for proper indexing…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: splunk
Regular Expressions
Posted inThreat Hunting SOC Analyst Splunk

Regular Expressions

Regular Expressions: Charsets Searching for Specific Strings Use grep 'string' <file> to search for an exact match. To find patterns rather than exact strings, Regular Expressions (regex) are used. Charsets in Regex Definition: Enclosed in […
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: splunk
Active Directory Domain Service (AD DS)
Posted inAttacking Active Directory Active Directory

Active Directory Domain Service (AD DS)

Overview AD DS acts as a catalog for all objects in a network (users, groups, machines, printers, etc.). Some objects, such as users and machines, are security principals, meaning they can be authenticated and assigned privileges.…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: AD attacks
GRC 101: SimpleRisk Core (Community Edition)
Posted inGRC

GRC 101: SimpleRisk Core (Community Edition)

What is SimpleRisk CORE (Community Edition)? SimpleRisk CORE (Community Edition) is an open-source Governance, Risk, and Compliance (GRC) tool designed to help organizations identify, assess, and manage risks effectively. It provides a structured framework for risk…
Read More
Posted by Avatar photo Bharath Narayanasamy Tags: GRC, SimpleRisk

Posts pagination

Previous page 1 2 3 4 5 … 18 Next page

Recent Posts

  • Metasploit: Quick Reference Sheet
  • HAVOC C2: COMMAND & CONTROL FRAMEWORK [PART – I]
  • Wireshark Threat Hunting – From Packets to Indicators [HTTP: DEEP-DIVE]
  • SETUP DVWA ON WINDOWS
  • Wireshark Threat Hunting – From Packets to Indicators [SMB: DEEP-DIVE]

Categories

AD AD attacks brute-force c2 caldera dfir drupal Elastic linux NIST red-team SIEM snort splunk Threat Intel threat_detection Threat_hunting vulnhub wazuh wireshark

You May Have Missed
Posted inMetasploit RED TEAM

Metasploit: Quick Reference Sheet

Posted by Avatar photo Bharath Narayanasamy
Posted inRED TEAM

HAVOC C2: COMMAND & CONTROL FRAMEWORK [PART – I]

Posted by Avatar photo Bharath Narayanasamy
Posted inSOC Analyst Traffic Analysis Threat Detection and Incident Response

Wireshark Threat Hunting – From Packets to Indicators [HTTP: DEEP-DIVE]

Posted by Avatar photo Bharath Narayanasamy
Posted inRED TEAM

SETUP DVWA ON WINDOWS

Posted by Avatar photo Bharath Narayanasamy
Copyright 2026 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.
Scroll to Top

Powered by
►
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
►
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
►
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
►
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
►
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
None
Powered by