Skip to content
TechNotes

TechNotes

Exploring Tech

  • Home
  • Categories
    • Cloud
    • Linux
    • Cybersecurity
    • AI
    • DevSecOps
  • Projects
  • About Me
  • Thoughts in Text

event

Cybersecurity SOC Analyst Challenge

Create Alerts and Dashboards to detect activity based on Mythic Telemetry – Part 13

IfeOctober 14, 2024

Investigating our recent mythic activity, we return to ES > Discover. Here we search for “svchost-ifebamba.exe” which is our payload, we get some log information below: – we can see […]

Read More
Cybersecurity SOC Analyst Challenge

Create a Dashboard for Windows RDP activity with Kibana – Part 10

IfeOctober 8, 2024

Elasticsearch > Analytics > Maps … the you can compose your query: event.code: 4625 and agent.name: IfeBamba-WINSERVER Add Layer > Select Choropeth: Use the Add layer options as seen in […]

Read More
Cybersecurity SOC Analyst Challenge

Ingesting Data into Elasticsearch (Windows) – Part 6

IfeOctober 3, 2024

Elasticsearch Ingest Data Ingesting Sysmon and Windows Defender logs into Elasticsearch Click on Add integrations Search “Windows” and you get We click on Custom Windows Event logs, to gather logs […]

Read More

Categories

  • AI
  • AI Tools
  • Cybersecurity
  • General
  • Linux
  • Projects
  • SOC Analyst Challenge
  • SysAdmin
  • Tools
  • Virtual Infrastructure with VMware

Recent Posts

  • Exploring Warp: The AI-Powered Terminal
  • Troubleshooting a database connectivity issue with PostgreSQL on a Linux Machine
  • Setting Up a Virtual Infrastructure with VMware ESXi, vCenter Server, and vSphere: A (Not so) quick dive!
  • Investigating Malware attachments In Emails – LetsDefend.io
  • Deploying Elastic Defend for EDR (Endpoint Detection and Response) – Part 18
Copyright 2025. All rights reserved.
Powered by RS WP THEMES