Lab PoC: SSH Reverse Tunnel sobre Tor (tecnica APT SandWorm)
Contexto: que hace SandWorm con SSH y Tor El grupo APT-C-13 (SandWorm/APT44/Seashell Blizzard) es uno de los APT mas sofisticados del mundo.
DFIR & Threat Intel (44 articulos)
Cyberdefenders – FakeGPT Lab writeup
Instructions: Uncompress the lab (pass: cyberdefenders.org) Scenario: Your cybersecurity team has been alerted to suspicious activity on y
Cyberdefenders – 3CX Supply Chain Lab writeup
Instructions: Uncompress the lab (pass: cyberdefenders.org) Scenario: A large multinational corporation heavily relies on the 3CX software
Cyberdefenders – Red Stealer Blue Team Lab writeup
Instructions: Uncompress the lab (pass: cyberdefenders.org) Scenario: You are part of the Threat Intelligence team in the SOC (Security Op
Cyberdefenders – Reveal Blue Team Lab writeup
Instructions: Uncompress the lab (pass: cyberdefenders.org) Scenario: As a cybersecurity analyst for a leading financial institution, an a
Cyberdefenders – Ramnit Blue Team Lab writeup
Instructions: Uncompress the lab (pass: cyberdefenders.org) Scenario: Our intrusion detection system has alerted us to suspicious behavior
Cyberdefenders – RedLine Blue Team Lab writeup
Scenario: As a member of the Security Blue team, your assignment is to analyze a memory dump using Redline and Volatility tools. Your goal i
Activando Volatility en Autopsy para Análisis Forense
Introducción En el mundo de la informática forense, disponer de herramientas robustas y eficientes es fundamental para realizar análisis pre
CHEATSHEET VOLATILITY 2 y 3
Introducción En el ámbito de la respuesta a incidentes y el análisis forense digital, el análisis de la memoria es una herramienta crucial p
Cyberdefenders – OpenWire
Scenario: During your shift as a tier-2 SOC analyst, you receive an escalation from a tier-1 analyst regarding a public-facing server. This
Cyberdefenders – XLM Macros writeup
Recently, we have seen a resurgence of Excel-based malicous office documents. Howerver, instead of using VBA-style macros, they are using ol
Cyberdefenders – Elastic-Case
Scenario: An attacker was able to trick an employee into downloading a suspicious file and running it. The attacker compromised the system,