
Log Analysis with SIEM

by: tryhackme, TimTaylor, krotovolb Task 2, Benefits of SIEM for Analysts, covers Centralization, Correlation and Historical Events. Historical events are the ability for the SIEM to allow you to look at past events to observe patterns. Task 3 covers…

IP and Domain Threat Intel

by: tryhackme, SecurityNomad This whole room is a great network refresher which is why I have taken a lot of snippets to come back to if need be. Task 2, IP Building Blocks, covers DNS and why it matters…

File and Hash Threat Intel

by: tryhackme, SecurityNomad Go ahead and boot up the VM because with Task 2, we will already be using it. “One file displays one of the indicators mentioned. Can you identify the file and the indicator? (Answer: file, property)”…

Intro to Cyber Threat Intel

by: tryhackme, SecurityNomad, TactfulTurtle There’s a lot of great reading material in this room (which means a lot of snippets!) On to Task 3, CTI Lifecycle! THM presents a fictional scenario that covers the phases of the CTI lifecycle. Per…

Living Off the Land Attacks

by: tryhackme, rePl4stic Task 2: Common LoL Tools and Techniques. Task 3: Real-World Examples. This room gives examples of APT29 (Nobelium), BlackCat (ALPHV) ransomware, and Cobalt Strike Loaders. In order to obtain the answer for one of the questions,…

Intro To Malware Analysis

by: tryhackme, rePl4stic Task 2 gives us a step-by-step guide on what to do when analyzing: “Which team uses malware analysis to look for IOCs and hunt for malware in a network?” Task 3 covers Static Vs Dynamic. You…

Windows Internals

created by: tryhackme This room is a prerequisite to “Intro to Malware Analysis” on the SOC1 path, which I will be doing after this room! Types of attack vectors that can be deployed against processes include: Process Masquerading (T1055.013), Process…

Malware Classification

by: tryhackme, reP14stic This room covers a variety of Malware and gives great examples of real-world events. It’s brief but insightful. Probably the most technical read is Task 4, Binary Vs Script malware.

MAL Malware Introductory

by: cmnatic This room is not part of the SOC path, but it’s recommended prior to starting one of the rooms on that path. I peeked at this room, and it’s filled with some good content I don’t…

Linux Threat Detection 3

by: tryhackme, TactfulTurtle In Task 2, Reverse Shells, THM gives examples of how an attacker would go about starting a reverse shell! In this lab, we are also launching the AttackBox along with our Linux Threat Detection VM.…