Step-by-Step Guide to Setting Up Snort as Your HomeLab IDS with wazuh (SIEM) Integration in 2024
Oct 16, 2023 · 8 min read · 12K
Malware Analysis I - Detecting Indicators of Compromise and malicious Infrastructure
Today we will see how we can identify malware URLs / indicators of compromise from malware. The malware sample we will use is: https://bazaar.abuse.ch/sample/41f76926477c7f8759900567ced4e5e1f9057e40d2a151badc873d23f372997e/ Stage 1 - comprobante_s...
Mar 4, 2024 · 13 min read · 602
How to get started with Monitoring on the Blue Team: A Step-By-Step Guide
Aug 29, 2023 · 14 min read · 1.3K
Setting Up Wazuh as Your SIEM on Debian 12 & Proxmox: A Step-by-Step Guide
Aug 25, 2023 · 10 min read · 30K
How does Kerberos work - an introduction for beginner.
Introduction: Kerberos is an authentication protocol that superseded NTLM with the release of Windows 2000 (technically…) Technically?! Well… It's complicated 😅 Long story short - NTLM is still alive and kicking and… it might still be the fall-back s...
Aug 24, 2023 · 6 min read · 2.2K
How to connect wazuh and discord: a Step-By-Step Guide.
Wazuh comes with a couple of external integrations by default - among them are Slack, VirusTotal, Shuffle, and PagerDuty. The one that I missed was Discord - so I decided to build it. Now you can forward all or specific alerts to a Discord chann...
Aug 21, 2023 · 5 min read · 4.7K
How to upload iso files to your proxmox server
In this article, we will go through the necessary steps to add installation disk images (ISO and IMG files) to your Proxmox server so that you can use them as installation media for virtual machines and LXC/LXD containers. First, make sure that you h...
Apr 24, 2023 · 2 min read · 2.6K
How to install Elasticsearch, Kibana and WinLogBeat in your CloudLab the lazy way
Overview: In this post I will guide you through the installation of Elasticsearch, Kibana and Winlogbeat. We will walk through each step on Amazon Linux 2 (but the concept is similar for other Linux distributions). In part 2 we will see how we can use...
Nov 14, 2022 · 9 min read · 1.9K
How does traceroute work
Imagine you are working on a penetration test and you want to know how packets are traveling through the network. You want to identify routers and potentially other subnets, what tool do you use? traceroute to the rescue! Summary: traceroute and its w...
May 11, 2022 · 4 min read · 322
The 10 ways hackers use to download files on Windows
Welcome to another episode of, Defender is blocking me and I don't like it. Your therapist says - Have you thought about AMSI, maybe that one is the problem? If you don't exactly know what these words mean but want to understand it better and are try...
Dec 27, 2021 · 12 min read · 2.0K