Powered By TEKGENX CONSULTING
Views: 17Attack Simulation In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer this article which details the procedure to setup Caldera on ParrotOS. For this scenario, we will emulate the following … Read more
Views: 55LAB Setup Let’s use the DIWA ( Deliberately Insecure Web Application) vulnerable created by Tim Steufmehl , to setup the victim machine. Prepare a Linux machiine with Docker installed. Follow the these instructions to install Docker on Ubuntu. With the above steps, the DIWA app should be UP and running on the Linux VM. Let’s … Read more
Views: 363Based on the INTRODUCTION TO THREAT HUNTING & HUNTING WITH ELASTIC module from HTB-Academy Hunting for Stuxbot The Stuxbot cybercrime group operates with a broad scope, seizing upon opportunities as they arise, without any specific targeting strategy – their motto seems to be anyone, anytime. The primary motivation behind their actions appears to be espionage … Read more
Views: 29Use case 1: Failed Logon Attempts (Disabled Users) Use case 2: Failed Logon Attempts (using Admin Accounts) Use case 3: Successful RDP Logon Related To Service Accounts Use case 4: Users Added Or Removed From A Local Group
Views: 19How To Build SIEM Use Cases Example SIEM Use cases Use case 1: Microsoft Build Engine Started By An Office Application A practical example using the Elastic stack as a SIEM solution to help understand how to map each of the use case points listed above. MSBuild, part of the Microsoft Build Engine, is … Read more