Security You Can Trust, Expertise You Can Rely On. TekGenX Consulting
NetwerkLABS

Powered By TEKGENX CONSULTING

threat_detection

OpenCTI – Open Source Threat Intelligence Platform: PART I
Posted in VulnLAB

OpenCTI (Open Cyber Threat Intelligence Platform) is a powerful open-source solution designed to help security teams collect, store, organize, and visualize threat intelligence in a structured way. Whether you’re a SOC analyst, threat hunter, or security…

Posted by Bharath Narayanasamy. Tags: Threat Intel, threat_detection, OpenCTI
Hunting the hunters: DFIR with Velociraptor (PART-II)
Posted in DFIR

We covered the deployment of Velociraptor Server and Client components in the first part of this series. You can read it here if you're interested. This part of the series will walk you through the capabilities…

Posted by Bharath Narayanasamy. Tags: threat_detection, dfir, Velociraptor
Useful Windows Event IDs
Posted in Threat Hunting, Threat Detection and Incident Response, Understanding Log Sources

Windows System Logs – Event ID 1074 (System Shutdown/Restart): This event log indicates when and why the system was shut down or restarted. By monitoring these events, you can determine if there are unexpected shutdowns or restarts, potentially…

Posted by Bharath Narayanasamy. Tags: threat_detection, event-ids
Threat Intelligence for SOC
Posted in Threat Intelligence

Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns to mitigate against potential risks associated with existing or emerging threats targeting organisations, industries, sectors or governments. There are…

Posted by Bharath Narayanasamy. Tags: Threat Intel, threat_detection
Detection Engineering vs Threat Hunting
Posted in Threat Intelligence

DETECTION ENGINEERING: REINFORCING THE KNOWN. Threat detection is the process of identifying threats that are actively trying to attack an organization's endpoints, networks, devices and systems. Unlike threat hunting, threat detection is a…

Posted by Bharath Narayanasamy. Tags: threat_detection, detection_engineering
Netminer
Posted in DETECT, Traffic Analysis, Threat Hunting

NetworkMiner capabilities:
  • Traffic sniffing: It can intercept the traffic, sniff it, and collect and log packets that pass through the network.
  • Parsing PCAP files: It can parse pcap files and show the content of the packets in detail.
  • Protocol analysis: It can identify the…

Posted by Bharath Narayanasamy. Tags: Threat_hunting, threat_detection, netminer, dfir
Introduction to Network Forensics
Posted in Traffic Analysis, SOC Analyst, Threat Detection and Incident Response

Source: TryHackMe NetworkMiner room. Network Forensics is a specific subdomain of the Forensics domain, and it focuses on network traffic investigation. The Network Forensics discipline covers the work done to access information transmitted…

Posted by Bharath Narayanasamy. Tags: networkminer, traffic_analysis, threat_detection, dfir, BLUE


Copyright 2026 — NetwerkLABS. Powered by TekGenX Consulting. All rights reserved.