Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting
NetwerkLABS
Elastic

Caldera: Simulating a Complete Attack Chain
Posted in RED TEAM

Attack Simulation. In this blog post, we will explain the options to customise the Caldera framework and emulate an attack chain that traverses from Initial Access to Achieving the Objective. Before continuing further, please refer to this…

Posted by Bharath Narayanasamy. Tags: caldera, ELK, Elastic, wazuh
Threat Detection: Detecting a Webserver Attack
Posted in Threat Hunting, Threat Detection and Incident Response

LAB Setup. Let's use DIWA (Deliberately Insecure Web Application), the vulnerable web application created by Tim Steufmehl, to set up the victim machine. Prepare a Linux machine with Docker installed. Follow these instructions to install Docker on…

Posted by Bharath Narayanasamy. Tags: SIEM, Elastic
Practical Threat Hunting using Elastic SIEM: Hunting for Stuxbot
Posted in Threat Hunting, Threat Detection and Incident Response, Elastic SIEM

Based on the INTRODUCTION TO THREAT HUNTING & HUNTING WITH ELASTIC module from HTB-Academy. Hunting for Stuxbot: The Stuxbot cybercrime group operates with a broad scope, seizing upon opportunities as they arise, without any specific targeting…

Posted by Bharath Narayanasamy. Tags: Threat_hunting, Elastic
Elastic SIEM: Developing Dashboards & Visualization
Posted in DETECT, Elastic SIEM

Use case 1: Failed Logon Attempts (Disabled Users) https://youtu.be/7Uyqek-FdwI
Use case 2: Failed Logon Attempts (using Admin Accounts) https://youtu.be/UGRmsoqk0EM
Use case 3: Successful RDP Logon Related To Service Accounts https://youtu.be/eRjA6TpEryk
Use case 4: Users Added Or…

Posted by Bharath Narayanasamy. Tags: SIEM, Elastic, Threat_hunting
SIEM Use cases
Posted in BLUE TEAM, DETECT, Elastic SIEM

How To Build SIEM Use Cases. Understand your needs and risks, and establish alerts for monitoring all necessary systems accordingly. Determine the priority and impact, then map the alert to the kill chain or the MITRE framework. Establish…

Posted by Bharath Narayanasamy. Tags: Usecase, SIEM, Elastic
Copyright 2026 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.