Phishing Prevention

by: tryhackme, ryla, TactfulTurtle “Phishing remains one of the most common and effective ways for attackers to gain initial access to target systems. To counter this, defenders can deploy a variety of tools and controls designed to protect users from…

Eviction

“Sunny is a SOC analyst at E-corp, which manufactures rare earth metals for government and non-government clients. She receives a classified intelligence report that informs her that an APT group (APT28) might be trying to attack organizations similar to E-corp. To act on…

Phishing Analysis Tools

by: tryhackme, TactfulTurtle In the previous rooms, we have been analyzing emails, and now it’s time to use some tools to test our abilities! In task 3, Email header analysis, we are introduced to a Google tool that can…

Phishing Emails in Action

by: tryhackme, TactfulTurtle “Each email sample showcased in this room will demonstrate different tactics used to make the phishing emails look legitimate. The more convincing the phishing email appears, the higher the chances the recipient will click on a malicious link, download and…

Phishing Analysis Fundamentals

Room link: by: tryhackme, 1337rcel000g1c, TactfulTurtle “Spam and Phishing are common social engineering attacks. In social engineering, phishing attack vectors can be a phone call, a text message, or an email. As you should have already guessed, our focus is on email as the attack vector.” The room initially…

Introduction to SOAR

Room link: by: tryhackme, SecurityNomad, Aashir.Masood “To defend against attacks, a SOC team relies on various security solutions, such as SIEM, EDR, firewalls, and threat intelligence platforms. They also communicate with IT and management teams as part of their processes. However, as threats…

Intro to Detection Engineering

Room link: by: tryhackme, SecurityNomad While this is not part of the SOC Level 1 path, it was recommended at the beginning of the room “Introduction to SOAR”: I skimmed over the Tasks before I decided that it…

Elastic Stack The Basics

by: tryhackme, Dex01, Aashir.Masood “In this room, we will learn how the Elastic Stack (ELK) can be used for log analysis and investigations. Although ELK is not a traditional SIEM, many SOC teams use it like one because of its data searching and visualizing…

Introduction to Phishing

“Learn how to use SOC Simulator by completing your first scenario. Close all True Positive alerts to pass!” This is the first time being in the SOC Simulator. I’m excited as I have heard good things and have seen…

Splunk The Basics

Room link: by: tryhackme, Dex01, Aashir.Masood “Splunk is one of the leading SIEM solutions in the market. It allows users to collect, analyze, and correlate network and machine logs in real time. In this room, we will explore the basics of Splunk and its…