all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing Attacker Recon to Malware Installation - TryHackMe Incident Handling with Splunk (Part 1)

Add to bookmarks
April 1, 2024, noon | CYBERWOX

CYBERWOX www.youtube.com

Watch full stream here: https://www.youtube.com/live/tFDI0923FXg?si=nC7WZ9v36FQVgjbx

Room: https://tryhackme.com/room/splunk201

TIMESTAMPS:
00:00 Intro
00:40 Scenario
01:25 Splunk
01:43 Orienting Ourselves With The Data
04:28 Investigating Reconnaissance
13:02 The Suricata Alert
13:47 The Content Management System (CMS)
14:22 The Web Scanner
14:53 The Compromised Server
15:41 Investigating Exploitation
26:52 Extracting Credentials using Regex
28:34 Understanding The Regex
31:20 The User Agent
33:09 The URI
33:20 The Username
34:05 The Password
34:47 Unique Passwords
35:06 Splunk Uniq Command?
36:15 Dedup!
36:46 The Bruteforcing IP
37:04 …

agent alert cms compromised credentials data exploitation management management system password reconnaissance regex scanner scenario server splunk suricata system the web timestamps understanding uri username web

Visit resource

More from www.youtube.com / CYBERWOX

Cybersecurity Training For Beginners & Everyone Else #cybersecurity 1 day, 16 hours ago | www.youtube.com
academy affiliate beginners cloud +20
Learn Cybersecurity FASTER in 2024 - Trainings, Certifications & Courses 5 days, 16 hours ago | www.youtube.com
amp analysis beginners blue +25
Asking Ex-Helpdesks How To Transition Into Cybersecurity 1 week ago | www.youtube.com
asking cybersecurity helpdesk it support +7
Investigating Exploitation to Malware Delivery with Splunk 1 week, 5 days ago | www.youtube.com
action amp analysis command +23
POV: Cybersecurity Incident Response Engineer #cybersecurity #hacker 2 weeks ago | www.youtube.com
cybersecurity cybersecurity incident cybersecurity incident response engineer +5
Staff Cybersecurity Engineering Responsibilities #cybersecurity 2 weeks, 2 days ago | www.youtube.com
academy amp career cloudcomputing +22
Modern Detection Engineering w/ Jimmy Vo | CYBER STORIES EP 15 2 weeks, 5 days ago | www.youtube.com
academy career cloudcomputing clouds +19
What Does a Cybersecurity Incident Response Engineer Do? #cybersecurity #malware 3 weeks ago | www.youtube.com
academy affiliate cloud cloudcomputing +24
What Does a Cybersecurity Detection & Response Engineer DO? #cybersecurity 3 weeks, 1 day ago | www.youtube.com
academy affiliate cloud cloudcomputing +21

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com