SIEM on JO's USBhttps://josusb.com/tags/siem/Recent content in SIEM on JO's USBHugo -- gohugo.ioCopyright © 2021-2024 JO. All Rights Reserved.Sat, 25 May 2024 00:00:00 +0000CTF Guide: Benignhttps://josusb.com/blog/ctf-benign/Sat, 25 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-benign/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is part of the <a href="https://tryhackme.com/path/outline/soclevel1" target="_blank" rel="noopener noreferrer">SOC Level 1<i class="fas fa-external-link-square-alt ms-1"></i></a> learning path on TryHackMe. You are tasked to investigate a compromised corporate system using limited Splunk logs.</p>CTF Guide: Hunt Me II - Typo Squattershttps://josusb.com/blog/ctf-huntme-ii/Mon, 13 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-huntme-ii/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is the final challenge of the <a href="https://tryhackme.com/module/threat-hunting" target="_blank" rel="noopener noreferrer">Threat Hunting<i class="fas fa-external-link-square-alt ms-1"></i></a> module on THM. It follows-up right after Hunt Me I, but the questions guide the investigation much less than before.</p>CTF Guide: Hunt Me I - Payment Collectorshttps://josusb.com/blog/ctf-huntme-i/Fri, 10 May 2024 00:00:00 +0000https://josusb.com/blog/ctf-huntme-i/<p>This <span class="dictionary" data-text="Capture The Flag refers to finding hidden messages (flags) on a computer network as a challenge. Finding flags usually requires some form of hacking. Popular CTF platforms include Hack The Box &amp; TryHackMe.">CTF</span> is a threat-hunting practice scenario. We&rsquo;ll have to investigate malicious activity on a computer that&rsquo;s been the victim of a phishing attack, from initial access all the way to stealing confidential data.</p>