Posts
CEngover

Event Details EventID: 118 Event Time: Feb. 28, 2022, 4:12 a.m. Rule: SOC168 - Whoami Command Detected in Request Body Level: Security Analyst Hostname WebServer1004 Destination IP Address 17...

Summary A few days ago, LetsDefend released a brand new challenge named Investigate Web attack. It is obviously clear that there are some web attacks that we’re going to investigate. First, download t...

Event Details EventID: 76 Event Time: March 14, 2021, 7:15 p.m. Rule: SOC137 - Malicious File/Script Download Attempt Level: Security Analyst Source Address: 172.16.17.37 Source Hostname: Nic...

Event Details EventID: 89 Event Time: April 18, 2021, 1 p.m. Rule: SOC142 - Multiple HTTP 500 Response Level: Security Analyst Source Address : 101.32.223.119 Source Hostname : 101.32.223.11...

Event Details EventID: 88 Event Time: April 4, 2021, 11:10 p.m. Rule: SOC141 - Phishing URL Detected Level: Security Analyst Source Address 172.16.17.88 Source Hostname MarkPRD Destinat...

Event Details EventID: 83 Event Time: March 21, 2021, 1:02 p.m. Rule: SOC119 - Proxy - Malicious Executable File Detected Level: Security Analyst Source Address 172.16.17.5 Source Hostname Su...

Event Details EventID: 94 Event Time: June 13, 2021, 4:23 p.m. Rule: SOC147 - SSH Scan Activity Level: Security Analyst Source Address: 172.16.20.5 Source Hostname: PentestMachine ...

Hello everyone. In this article, I’m going to try to explain the solution to the Writeup box, which is one of the free Hack The Box machines. Reconnaissance Let’s start with the enumeration process. I added machine...

Reconnaissance As we always do, let’s start with an nmap scan. cengover@kali:~/htb/heist$ sudo nmap -sC -sV -oN nmap/hesit-top-ports 10.10.10.149 Starting Nmap 7.91 ( https://nmap.org ) at 2021-...

Hello, in this article I’ll try to explain the solution of the Academy machine. The machine was released on Hack The Box, which is also one of the most popular penetration testing labs. Reconnaissance Nm...