all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SOC168 EventID:118 — Whoami Command Detected in Request Body — letsdefend.io

Add to bookmarks
Aug. 25, 2023, 3:46 p.m. | zapbroob

System Weakness - Medium systemweakness.com

SOC168 EventID:118 — Whoami Command Detected in Request Body — letsdefend.io

Let’s take a look at the alert report below.

 
EventID :118
Event Time :Feb, 28, 2022, 04:12 AM
Rule :SOC168 - Whoami Command Detected in Request Body
Level :Security Analyst
Hostname :WebServer1004
Destination IP Address :172.16.17.16
Source IP Address :61.177.172.87
HTTP Request Method :POST
Requested URL :https://172.16.17.16/video/
User-Agent :Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Alert Trigger Reason :Request Body Contains whoami string
Device Action :Allowed

The reason …

blue team incident response letsdefendio soc

Visit resource

More from systemweakness.com / System Weakness - Medium

Understanding CSRF Attacks: Safeguarding Your Web Applications 9 hours ago | systemweakness.com
applications attacks can compromise +26
Opacity — THM 9 hours ago | systemweakness.com
penetration testing pentesting tryhackme tryhackme-walkthrough +1
Learning the basics of authentication with Go and htmx 9 hours ago | systemweakness.com
encryption go htmx jwt +1
A Simple Git Misstep That Could Open Doors for Hackers 1 day, 16 hours ago | systemweakness.com
article can commit context +19
Exploring JWT Exploitation Methods 1 day, 16 hours ago | systemweakness.com
account account takeover arm continue +16
Unlocking the Network’s Secrets: A Thrilling Journey into Network Penetration Testing 1 day, 16 hours ago | systemweakness.com
cybersecurity don dream fear +15
NIDPS ⚔️ 1 day, 16 hours ago | systemweakness.com
abnormal administrator alert a network +21
How to Streamline Zombie Account Management? 2 days, 20 hours ago | systemweakness.com
access control access management account build +17
Understanding Cybersecurity Threats: Safeguarding Against Digital Perils 2 days, 21 hours ago | systemweakness.com
article consequences critical cyber +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Research Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

SOC Manager

@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan
View on infosec-jobs.com

Cybersecurity Incident Response Program Manager (Hybrid)

@ UMB Bank | MO - Kansas City - 1010 Grand Blvd
View on infosec-jobs.com

Consultant, Cyber Risk Advisory | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Cybersecurity Bid Manager

@ Alstom | Derby, GB
View on infosec-jobs.com

Cyberspace Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com
View more jobs