defenseguru – Medium

defenseguru

Email Analysis Challenge-Lets Defend

Upon receiving an unexpected email from someone claiming to represent a well-known company, the task was to carefully analyze its content…

Nov 6

Email Analysis Challenge-Lets Defend

Nov 6

SOC164 — Suspicious Mshta Behavior-LetsDefend

In this investigation we will begin by looking at the important artifacts given to us by the high alert. The rule name indicates a…

Nov 4

SOC164 — Suspicious Mshta Behavior-LetsDefend

Nov 4

Malware Traffic Analysis with Wireshark-LetsDefend

Wireshark is an open-source network protocol analyzer used for capturing and analyzing data traveling across a network in real-time. It’s…

Nov 3

Malware Traffic Analysis with Wireshark-LetsDefend

Nov 3

Splunk Attack Investigation Walkthrough(BOTSV1):Part 1

Scenario: A big corporate XYZ has recently faced a cyber-attack where the attackers broke into their network, found their way to the web…

Oct 29

Splunk Attack Investigation Walkthrough(BOTSV1):Part 1

Oct 29

LetsDefend: Search on Splunk

Splunk is a platform designed for searching, monitoring, and analyzing machine-generated data like logs from various sources in real-time…

Oct 13

LetsDefend: Search on Splunk

Oct 13

Configuring Snort Rules for Optimal Intrusion Detection

Snort is an open-source network intrusion detection and prevention system (IDS/IPS). It operates by analyzing network traffic in real-time…

Sep 24

Configuring Snort Rules for Optimal Intrusion Detection

Sep 24

LetsDefend: SOC202 — FakeGPT Malicious Chrome Extension

At first we will take ownership of this case to as to have a deep investigation on it and find the Indicators of Compromise(IOC’s).

Sep 18

LetsDefend: SOC202 — FakeGPT Malicious Chrome Extension

Sep 18

LetsDefend:SOC169 — Possible IDOR Attack Detected Walk-Through

An IDOR (Insecure Direct Object Reference) attack happens when a website or application lets users access or modify data they shouldn’t be…

Sep 13

LetsDefend:SOC169 — Possible IDOR Attack Detected Walk-Through

Sep 13

LetsDefend: SOC104 — Malware Detected Walk-through

EventID : 36

Sep 11

LetsDefend: SOC104 — Malware Detected Walk-through

Sep 11

LetsDefend: Malicious Document File Analysis 2

In this part we are going to analyze the following document that contains malicious malware

Sep 10

LetsDefend: Malicious Document File Analysis 2

Sep 10

defenseguru

defenseguru

Aspiring SOC Analyst passionate about cyber defense. Continuously learning incident response, log analysis, malware analysis, digital forensics and SIEM tools.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams