Welcome🖐

Refer to Zeek Exercises for the challenge room on TryHackMe Case #1 - Anomalous DNS Scenario An alert triggered: "Anomalous DNS Activity". Inspect the PCAP and retrieve the artefacts to confirm this alert is a true positive. Task During this exercise, we will use the Zeek command with the -Cr... [Read More]

Refer to Live Attacks for the challenge room on TryHackMe Scenario #1, Brute-force The company is under the brute-force attack, observe the traffic with Snort and identify the anomaly first. Then creating a rule to stop the attack. Start Snort in sniffer mode and figure out the attack source, service... [Read More]

Refer to The Basics for the challenge room on TryHackMe Writing IDS Rules (HTTP) Write a single rule to detect "all TCP port 80 traffic" packets in the given pcap file. Number of detected packets?Since the question pertains to HTTP traffic (TCP port 80), the rule should specify tcp port... [Read More]

This is a demo post to show you how to write blog posts with markdown. I strongly encourage you to take 5 minutes to learn how to write in markdown - it’ll teach you how to transform regular text into bold/italics/tables/etc.I also encourage you to look at the code that... [Read More]

Under what circumstances should we step off a path? When is it essential that we finish what we start? If I bought a bag of peanuts and had an allergic reaction, no one would fault me if I threw it out. If I ended a relationship with a woman who... [Read More]