Search for a command to run...
Articles tagged with #splunk
Introduction Email is a critical communication channel in any organisation, which makes it a prime target for attackers. Once a mailbox is compromised, attackers can read emails, exfiltrate sensitive
Introduction SharePoint Online is one of the most targeted M365 services, as it often stores sensitive files and can be used to propagate the attack. This room will explore the most common attack scen
Introduction In an AD environment, attackers who compromise a single account rarely stop there. They use built-in protocols like SMB and RDP to move from the initial foothold to servers that hold what
Website defacement is one of the more visible outcomes of a successful cyberattack, and investigating one end-to-end is a great way to practice mapping attacker behavior across the full Cyber Kill Cha
Cloud identity attacks don't announce themselves with malware alerts or network intrusions; they show up as a login. One valid set of credentials is all an attacker needs to walk straight through the
When people think about Active Directory attacks, they often jump straight to lateral movement and privilege escalation. But before any of that happens, an attacker needs a foothold and in most enterp
