all InfoSec news
Analyzing Attacker Recon to Malware Installation - TryHackMe Incident Handling with Splunk (Part 1)
April 1, 2024, noon | CYBERWOX
CYBERWOX www.youtube.com
Room: https://tryhackme.com/room/splunk201
TIMESTAMPS:
00:00 Intro
00:40 Scenario
01:25 Splunk
01:43 Orienting Ourselves With The Data
04:28 Investigating Reconnaissance
13:02 The Suricata Alert
13:47 The Content Management System (CMS)
14:22 The Web Scanner
14:53 The Compromised Server
15:41 Investigating Exploitation
26:52 Extracting Credentials using Regex
28:34 Understanding The Regex
31:20 The User Agent
33:09 The URI
33:20 The Username
34:05 The Password
34:47 Unique Passwords
35:06 Splunk Uniq Command?
36:15 Dedup!
36:46 The Bruteforcing IP
37:04 …
agent alert cms compromised credentials data exploitation management management system password reconnaissance regex scanner scenario server splunk suricata system the web timestamps understanding uri username web
More from www.youtube.com / CYBERWOX
Learn Cybersecurity FASTER in 2024 - Trainings, Certifications & Courses
5 days, 16 hours ago |
www.youtube.com
Investigating Exploitation to Malware Delivery with Splunk
1 week, 5 days ago |
www.youtube.com
Staff Cybersecurity Engineering Responsibilities #cybersecurity
2 weeks, 2 days ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Sr. Staff Firmware Engineer – Networking & Firewall
@ Axiado | Bengaluru, India
Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)
@ SAP | Walldorf, DE, 69190
SAP Security Administrator
@ FARO Technologies | EMEA-Portugal