Caldera: Simulating a Complete Attack Chain

This entry is part 10 of 13 in the series Red Team Engagements

Attack Simulation. In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer to this article, which details the procedure to set up Caldera on ParrotOS. For this scenario, we will emulate the following …

Threat Detection: Detecting a Webserver Attack

This entry is part 1 of 22 in the series Threat Detection Engineering

LAB Setup. Let’s use the DIWA (Deliberately Insecure Web Application) vulnerable application created by Tim Steufmehl to set up the victim machine. Prepare a Linux machine with Docker installed. Follow these instructions to install Docker on Ubuntu. With the above steps, the DIWA app should be up and running on the Linux VM. Let’s …

Practical Threat Hunting using Elastic SIEM: Hunting for Stuxbot

This entry is part 7 of 22 in the series Threat Detection Engineering

Based on the INTRODUCTION TO THREAT HUNTING & HUNTING WITH ELASTIC module from HTB-Academy. Hunting for Stuxbot: The Stuxbot cybercrime group operates with a broad scope, seizing upon opportunities as they arise, without any specific targeting strategy; their motto seems to be anyone, anytime. The primary motivation behind their actions appears to be espionage …