Skip to content
-
Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting
NetwerkLABS

Powered By TEKGENX CONSULTING

  • Home
  • BLUE TEAM
    • MITRE ATT&CK
    • INFOSEC Governance and Regulation
      • NIST
        • IDENTIFY
        • PROTECT
        • DETECT
        • RESPOND
        • RECOVER
      • Risk Management
    • SOC
      • Threat Detection and Incident Response
        • Threat Detection EngineeringA practical course on Threat Detection Engineering using Elastic SIEM/EDR
        • Threat Hunting
          • Traffic Analysis
        • Splunk
          • Splunk Basics
          • Understanding Log Sources
          • Dashboards and Reports
          • Exploring SPL
          • Incident Handling with Splunk
          • Investigating with Splunk
    • Security+
    • Scripting
      • Bash Scripting
      • Python
      • ZyBER-TOOLS
  • ZyBER-SERIES
    • Wazuh – SIEM and XDRThe Open Source Security Platform that provides Unified XDR and SIEM protection for endpoints and cloud workloads
    • Attack and Defend Active Directory
    • Offensive Testing Enterprise Networks
    • Threat Detection EngineeringA practical course on Threat Detection Engineering using Elastic SIEM/EDR
    • F5 Local Traffic Manager (LTM)F5 Local Traffic Manager (LTM)
    • Incident Response and Forensics
    • Red Team Engagements
  • ZyBER-INTEL
  • ZyBER-NEWS
  • Cookie Policy (EU)
Subscribe

Incident Response and Forensics

  • Home
  • Incident Response and Forensics
Posted inThreat Detection and Incident Response

Incident Handling Life Cycle

NIST - Security Incident Handling 1. Preparation The preparation phase covers the readiness of an organization against an attack. That means documenting the requirements, defining the policies, incorporating the security…
Read More
Posted by Avatar photo Bharath Narayanasamy
DFIR: Core Windows Processes
Posted inIntrusion Detection and Response RESPOND

DFIR: Core Windows Processes

Reference: TryHackMe Room "Core Windows Processes" Core Windows Processes Understanding how the Windows operating system functions as a defender is vital.  Task Manager doesn't show a Parent-Child process view. That…
Read More
Posted by Avatar photo Bharath Narayanasamy
Posted inDETECT Traffic Analysis SOC Analyst

Introduction to Network Forensics

Source: Tryhackme Networkminer room Introduction to Network Forensics Network Forensics is a specific subdomain of the Forensics domain, and it focuses on network traffic investigation. Network Forensics discipline covers the…
Read More
Posted by Avatar photo Bharath Narayanasamy
Netminer
Posted inBLUE TEAM DETECT Traffic Analysis

Netminer

NetworkMiner CapabilityDescriptionTraffic sniffingIt can intercept the traffic, sniff it, and collect and log packets that pass through the network.Parsing PCAP filesIt can parse pcap files and show the content of the packets…
Read More
Posted by Avatar photo Bharath Narayanasamy
Posted inSplunk

Splunk SPL 101

Read More
Posted by Avatar photo Bharath Narayanasamy
Threat Intelligence Tools – URLScan.io
Posted inThreat Hunting Threat Intelligence

Threat Intelligence Tools – URLScan.io

Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and crawling through websites to record activities and interactions.…
Read More
Posted by Avatar photo Bharath Narayanasamy
Posted inSplunk

Splunk Fundamentals

Splunk Components Splunk Forwarder Splunk Forwarder is a lightweight agent installed on the endpoint intended to be monitored, and its main task is to collect the data and send it to…
Read More
Posted by Avatar photo Bharath Narayanasamy
Threat Intelligence Tools – Abuse.ch
Posted inThreat Intelligence

Threat Intelligence Tools – Abuse.ch

Abuse.ch Platform Abuse.ch is a research project hosted by the Institue for Cybersecurity and Engineering at the Bern University of Applied Sciences in Switzerland. It was developed to identify and track…
Read More
Posted by Avatar photo Bharath Narayanasamy
Wireshark 101 | Packet Operations
Posted inVulnLAB Threat Detection and Incident Response DETECT

Wireshark 101 | Packet Operations

Wireshark: Packet Operations Statistics | Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic,…
Read More
Posted by Avatar photo Bharath Narayanasamy
Wireshark 101 | Traffic Analysis and Investigation (PART 01)
Posted inThreat Detection and Incident Response

Wireshark 101 | Traffic Analysis and Investigation (PART 01)

Wireshark: Traffic Analysis Display Filter Reference Investigating Nmap scans Nmap is an industry-standard tool for mapping networks, identifying live hosts and discovering the services. As it is one of the…
Read More
Posted by Avatar photo Bharath Narayanasamy

Posts pagination

1 2 Next page

Recent Posts

  • The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: II)
  • The Bait Lab – Phishing Simulations, Practical Campaigns with GoPhish & Evilginx (PART: I)
  • RED Teaming: Mythic C2 Framework
  • Installing OpenBAS: The OpenSource Breach and Attack Simulation
  • Metasploit Framework (MSFconsole) Cheatsheet

Categories

AD AD attacks brute-force caldera dfir drupal Elastic linux LTM NIST red-team SIEM snort splunk Threat Intel threat_detection Threat_hunting vulnhub wazuh wireshark

Copyright 2025 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.
Scroll to Top

Powered by
...
►
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
►
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
►
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
►
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
►
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
None
Powered by