Analyzing Attacker Recon to Malware Installation with Splunk
Author: Day Johnson
Uploaded: 2024-04-01
Views: 1719
Description:
TryHackMe Incident Handling with Splunk (Part 1)
Watch full stream here: https://www.youtube.com/live/tFDI0923...
Room: https://tryhackme.com/room/splunk201
TIMESTAMPS:
00:00 Intro
00:40 Scenario
01:25 Splunk
01:43 Orienting Ourselves With The Data
04:28 Investigating Reconnaissance
13:02 The Suricata Alert
13:47 The Content Management System (CMS)
14:22 The Web Scanner
14:53 The Compromised Server
15:41 Investigating Exploitation
26:52 Extracting Credentials using Regex
28:34 Understanding The Regex
31:20 The User Agent
33:09 The URI
33:20 The Username
34:05 The Password
34:47 Unique Passwords
35:06 Splunk Uniq Command?
36:15 Dedup!
36:46 The Bruteforcing IP
37:04 The Login IP
37:34 Investigating Installation
40:00 Was The Malware Executed?
42:46 The Malware Hash
43:45 Who Executed The Malware?
44:07 VirusTotal Analysis