Powered By TEKGENX CONSULTING
Views: 7Wireshark: Traffic Analysis Display Filter Reference Investigating Nmap scans Nmap is an industry-standard tool for mapping networks, identifying live hosts and discovering the services. As it is one of the most used network scanner tools, a security analyst should identify the network patterns created with it. Common Nmap scan types, It is essential to know … Read more
Views: 4Wireshark: Packet Operations Statistics | Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic, available protocols, endpoints and conversations, and some protocol-specific details like DHCP, DNS and HTTP/2. For a security analyst, it is crucial to know how to … Read more
Views: 211- IP & URL Reputation 1. Virus Total : https://www.virustotal.com/gui/home/upload2. URL Scan : https://urlscan.io/3. AbuseIPDB: https://www.abuseipdb.com/4. Cisco Talos: https://www.talosintelligence.com/5. IBM X-Force: https://lnkd.in/gt8iyHE56. URL Filtering(Palo Alto): https://lnkd.in/e4bkm5Eq7. URL Filtering(Symantec): https://lnkd.in/g4qQGsHG8. IP Void: https://www.ipvoid.com/9. URL Void: https://www.urlvoid.com/ 2- File | Hash | Search | Analysis | Sandboxing 1. File Extension >>https://filesec.io/# 2. LOLBAS >>https://lnkd.in/dDa8XgiM 3. GTFOBins >>https://lnkd.in/dRVzVz87 4. File Hash Check >> https://lnkd.in/gNqxtn4d 5. Hash Search … Read more
Views: 46Different Syntax Languages Kibana supports two types of syntax languages for querying in Kibana: KQL (Kibana Query Language) and Lucene Query Syntax. Special Characters Certain characters are reserved in ELK queries and must be escaped before usage. Reserved characters in ELK include +, -, =, &&, ||, &, | and !. For instance, using the + character in a query will result in an error; to escape this character, precede it with … Read more
Views: 20MITRE ATT&CK Navigator https://mitre-attack.github.io/attack-navigator MITRE D3FEND https://d3fend.mitre.org MITRE ENGAGE MITRE Engage MITRE Engage Matrix ATT&CK Emulation Plans https://mitre-engenuity.org Center of Threat-Informed Defense (CTID) Cyber Analytics Repository https://car.mitre.org
Views: 17Shodan is a search engine for Internet-connected devices.It lets users search for various types of servers (webcams, routers, servers, etc.) connected to the internet using a variety of filters.Some have also described it as a search engine of service banners, which is metadata that the server sends back to the client.This can be information … Read more
Views: 76Game Of Active Directory The following steps explain the procedure to setup the GOADv2 LAB environment to pentest Active Directory. Warning This lab is extremely vulnerable, do not reuse recipe to build your environment and do not deploy this environment on internet without isolation (this is a recommendation, use it as your own risk). This … Read more
Views: 23Reference: TryHackMe Room “Core Windows Processes” Core Windows Processes Understanding how the Windows operating system functions as a defender is vital. Task Manager doesn’t show a Parent-Child process view. That is where other utilities, such as Process Hacker and Process Explorer, come to the rescue. Process Hacker Process Explorer Command-line equivalent of obtaining information about the running … Read more
Views: 47To upgrade agents using the command line, use the agent_upgrade tool as follows: List all the agents with outdated software: [root@wazuh-server wazuh-user]# /var/ossec/bin/agent_upgrade -lID Name Version 001 zyberpatrol-pdc Wazuh v4.7.1 Upgrade the agent with ID 001 using the ‘-a’ parameter followed by the agent ID: [root@wazuh-server wazuh-user]# /var/ossec/bin/agent_upgrade -a 001 Upgrading… Upgraded agents: Agent 001 upgraded: Wazuh v4.7.1 … Read more
Views: 37 Load Balancers Despite the name, a Load Balancer does not only balance the load: some of its core functionalities are: L4 to L7 Network Services Definition L4-L7 Network Services Definition are a set of functions such as: load balancing, web application firewalls, service discovery, and monitoring for network layers within the Open Systems Interconnection (OSI) model. … Read more