Cyber Incident Response with Splunk | TryHackMe Incident Handling with Splunk
Author: Motasem Hamdan
Uploaded: 2022-11-11
Views: 34270
Description:
In this video walkthrough, we covered responding to a cyber incident, using Splunk to analyze the related events and uncover the attack artifacts.
******
Writeup
https://motasem-notes.net/cyber-incid...
*******
Splunk Training Playlist
• Investigating Cerber Ransomware with Splun...
********
(0:00) - Introduction to Incident Handling with Splunk
(0:11) - Deploying the Machine and Investigating the Hacked Website
(1:25) - Uploading Data to Splunk and Searching Logs
(6:08) - Identifying the Attacker’s IP Address
(8:30) - Examining IDS Alerts and Exploit Attempts
(16:21) - Investigating Brute Force Attacks
(19:50) - Extracting Data from Brute Force Attempts
(27:19) - Analyzing the Exploitation Phase
(30:35) - Discovering the Backdoor and Malicious Executable
(33:22) - Reviewing the Trojan and Its Execution
(36:21) - Investigating Data Exfiltration Attempts
(39:52) - Uncovering the Defacement Image