Traffic Analysis Pitfalls (TryHackMe)
Link to the challenge/walkthrough on TryHackMe: Traffic Analysis Pitfalls Introduction It is 02:47. Our SIEM fires an alert. Alert: Large Outbound Transfer Source: 10.10.15.44 (WKST-FINANCE-04) D

Search for a command to run...
Articles tagged with #splunk
Link to the challenge/walkthrough on TryHackMe: Traffic Analysis Pitfalls Introduction It is 02:47. Our SIEM fires an alert. Alert: Large Outbound Transfer Source: 10.10.15.44 (WKST-FINANCE-04) D

Introduction Email is a critical communication channel in any organisation, which makes it a prime target for attackers. Once a mailbox is compromised, attackers can read emails, exfiltrate sensitive

Introduction SharePoint Online is one of the most targeted M365 services, as it often stores sensitive files and can be used to propagate the attack. This room will explore the most common attack scen

Introduction In an AD environment, attackers who compromise a single account rarely stop there. They use built-in protocols like SMB and RDP to move from the initial foothold to servers that hold what

Website defacement is one of the more visible outcomes of a successful cyberattack, and investigating one end-to-end is a great way to practice mapping attacker behavior across the full Cyber Kill Cha

Cloud identity attacks don't announce themselves with malware alerts or network intrusions; they show up as a login. One valid set of credentials is all an attacker needs to walk straight through the
