Let’s cover the basics of Osquery. Task 1 Introduction Osquery is an open-source agent created by Facebook in 2014. It converts the operating system into a relational database. It allows us to ...

Learn about fundamentals, methodology, and tooling for endpoint security monitoring. Task 1 Room Introduction In this room, we will introduce the fundamentals of endpoint security monitoring, e...

TryHackMe Wireshark:Traffic Analysis — Task 9 Bonus: Hunt Cleartext Credentials!, Task 10 Bonus: Actionable Results!, and Task 11 Conclusion If you haven’t done tasks 7 and 8 yet, here is the li...

If you haven’t done tasks 5 and 6 yet, here is the link to my write-up of them: Task 5 Tunneling Traffic: DNS and ICMP & Task 6 Cleartext Protocol Analysis: FTP Getting the VM Started Startin...

I first want to thank Secure Point Solutions for their aid in this investigation. They helped by allowing me access to their demo account. All alerts mentioned were randomly generated and not l...

If you haven’t done tasks 3 and 4 yet, here is the link to my write-up of them: Task 3 ARP Poisoning & Man In The Middle and Task 4 Identifying Hosts: DHCP, NetBIOS and Kerberos Getting the ...

If you haven’t done tasks 1 and 2 yet, here is the link to my write-up of them: Task 1 Introduction & Task 2 Nmap Scans Getting the VM Started Starting at Task 1, you will see the green Star...

Learn the basics of traffic analysis with Wireshark and how to find anomalies on your network! Task 1 Introduction In this room, we will cover the techniques and key points of traffic analysis wi...

If you haven’t done tasks 3, 4, and 5 yet, here is the link to my write-up of them: Task 3 Statistics-Protocol Details, Task 4 Packet Filtering-Principles, & Task 5 Packet Filtering-Protocol Fi...

If you haven’t done tasks 1 & 2 yet, here is the link to my write-up of them: Task 1 Introduction & Task 2 Statistics-Summary Getting the VM Started Starting at Task 1, you will see the g...