all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing Attacker Recon to Malware Installation - TryHackMe Incident Handling with Splunk (Part 1)

Add to bookmarks
April 1, 2024, noon | CYBERWOX

Day Cyberwox www.youtube.com

Watch full stream here: https://www.youtube.com/live/tFDI0923FXg?si=nC7WZ9v36FQVgjbx

Room: https://tryhackme.com/room/splunk201

TIMESTAMPS:
00:00 Intro
00:40 Scenario
01:25 Splunk
01:43 Orienting Ourselves With The Data
04:28 Investigating Reconnaissance
13:02 The Suricata Alert
13:47 The Content Management System (CMS)
14:22 The Web Scanner
14:53 The Compromised Server
15:41 Investigating Exploitation
26:52 Extracting Credentials using Regex
28:34 Understanding The Regex
31:20 The User Agent
33:09 The URI
33:20 The Username
34:05 The Password
34:47 Unique Passwords
35:06 Splunk Uniq Command?
36:15 Dedup!
36:46 The Bruteforcing IP
37:04 …

agent alert cms compromised credentials data exploitation management management system password reconnaissance regex scanner scenario server splunk suricata system the web timestamps understanding uri username web

Visit resource

More from www.youtube.com / Day Cyberwox

Modern Detection Engineering w/ Jimmy Vo | CYBER STORIES EP 15 1 day, 1 hour ago | www.youtube.com
academy career cloudcomputing clouds +19
What Does a Cybersecurity Incident Response Engineer Do? #cybersecurity #malware 3 days, 1 hour ago | www.youtube.com
academy affiliate cloud cloudcomputing +24
Asking Ex-Helpdesks How To Transition Into Cybersecurity 3 days, 8 hours ago | www.youtube.com
asking cybersecurity helpdesk it support +7
What Does a Cybersecurity Detection & Response Engineer DO? #cybersecurity 4 days, 1 hour ago | www.youtube.com
academy affiliate cloud cloudcomputing +21
What Does A Cybersecurity Engineer Do? (Corporate Security) #cybersecurity 6 days, 1 hour ago | www.youtube.com
academy affiliate cloud cloudcomputing +21
Cybersecurity Engineering Careers: CorpSec, Threat Detection & Incident Response Engineers | Part 1 1 week, 1 day ago | www.youtube.com
amp career careers corporate +19
Are Cybersecurity Skills & Certifications Worth It? #cybersecurity 1 week, 3 days ago | www.youtube.com
academy affiliate career certifications +20
The Best Path To Cybersecurity #cybersecurity 1 week, 4 days ago | www.youtube.com
academy affiliate cloud cloudcomputing +18
Cybersecurity Salaries: How Much Can You Make? #cybersecurity #salaries 1 week, 6 days ago | www.youtube.com
academy affiliate can career +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs