🦑𝐁𝐮𝐢𝐥𝐝𝐢𝐧𝐠 𝐒𝐎𝐂 𝐇𝐨𝐦𝐞 𝐋𝐚𝐛 :
A Security Operations Center (SOC) is vital for any organization. In this project, I designed and deployed a fully functional SOC home lab using open-source tools: Wazuh, ELK Stack, TheHive, and Cortex.

𝐎𝐛𝐣𝐞𝐜𝐭𝐢𝐯𝐞𝐬 :
Ensure proactive monitoring and efficient incident management.
Simulate attack scenarios to test detection and response capabilities.

𝐓𝐡𝐞 𝐖𝐨𝐫𝐤𝐟𝐥𝐨𝐰 :
Wazuh Agents: Collect security data from various systems (Linux and Windows) and send it to the Wazuh Manager.

Wazuh (SIEM): Transfers data via Filebeat to Elasticsearch for storage and analysis.

Kibana: Visualizes data through dashboards with the Wazuh plugin for real-time monitoring.

TheHive (Incident Management Platform): Manages incidents using data from the Wazuh Manager.

Cortex (Automated Analysis Engine): Automates analyses and integrates with VirusTotal for suspicious file evaluation.

SOC Analyst: Utilizes these tools collectively to monitor systems, analyze incidents, and respond effectively to security threats.

𝐓𝐞𝐬𝐭𝐢𝐧𝐠 𝐚𝐧𝐝 𝐑𝐞𝐬𝐮𝐥𝐭𝐬 :
To validate the lab's performance, I executed multiple attack scenarios to ensure the tools could detect, analyze, and respond effectively. Example scenarios include:
+ Malware detection: Identifying malicious files and responding appropriately.
+ SQL injection attack detection: Detecting and mitigating database attack attempts.

Thank you Mohamed Benkhirat for you nice content.


@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑OnionGPT - Have fun! 😁

OnionGPT - Have fun! 😁 http://oniongpt6lntsoztgylhju7nmqedlq6fjexe55z327lmxyae3nutlyad.onion/

🦑LinkedIn is offering 𝟏𝟐 𝐅𝐑𝐄𝐄 𝐨𝐧𝐥𝐢𝐧𝐞 𝐜𝐨𝐮𝐫𝐬𝐞𝐬

𝐍𝐨 𝐏𝐚𝐲𝐦𝐞𝐧𝐭 𝐍𝐞𝐞𝐝𝐞𝐝! ❌

This course will help you learn practical, relevant skills anytime, anywhere.

1. Artificial Intelligence Foundations: Machine Learning
→ 6 chapter quizzes
→ Access on tablet and phone
🔗 https://lnkd.in/giN__2xU


2. Learning Python
→ Easy and powerful programming language
→ Suitable for all skill levels
🔗 https://lnkd.in/gDPg4b_h


3. Learn Cloud Computing
→ Overview of cloud computing concepts
→ Key for business migration to the cloud
🔗 https://lnkd.in/gYjt4U7S


4. Blockchain Basics
→ Learn the fundamentals of blockchain
→ Understand its impact on interactions
🔗 https://lnkd.in/gYjt4U7S


5. Strategic Thinking
→ 3 chapter quizzes
→ Access on tablet and phone
🔗 https://lnkd.in/gYFHybyp


6. Selling to Executives
→ Skills to sell effectively to executives
→ Enhance communication strategies
🔗 https://lnkd.in/g9uS7DRc


7. Digital Marketing Tools and Services
→ Essential tools for digital marketing
→ Expert guidance for business growth
🔗 https://lnkd.in/gPqdmCZ4


8. Affiliate Marketing Foundations
→ Key knowledge for affiliate marketing
→ Tips for starting and growing a business
🔗 https://lnkd.in/gRa-P6fX


9. Learning Video Production and Editing
→ Skills for video production and editing
→ Relevant for the digital age
🔗 https://lnkd.in/gnuDAcCG


10. Excel: Tips and Tricks
→ Tips and shortcuts for Excel
→ Enhance productivity with advanced features
🔗 https://lnkd.in/gnuDAcCG


11. Time Management Fundamentals
→ Techniques for effective time management
→ Boost personal productivity
🔗 https://lnkd.in/gSqMudqW


12. Public Speaking Foundations
→ Build essential public speaking skills
→ Gain confidence in presentations
🔗 https://lnkd.in/ghYsekSK


Ref: Altiam Kabir
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Windows Defender Bypass Using DSViper, Meterpreter, and HAVOC C2.

🦑Vid CVE 2024 49112 - LdapNightmare by SafeBreach-Labs

Large AI Resources & Models :

https://ai-list.de/

Basics of Switching Routing Firewall & Wireless

🦑 𝐒𝐮𝐩𝐞𝐫𝐜𝐡𝐚𝐫𝐠𝐞 𝐘𝐨𝐮𝐫 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐚𝐫𝐞𝐞𝐫 𝐢𝐧 𝟐𝟎𝟐𝟓: 𝐅𝐑𝐄𝐄 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞𝐬! 🚀

Looking to boost your IT and Cybersecurity skills?

This mega-list of FREE resources is your gateway to success! While some links might require a quick search, the knowledge gained will be invaluable. I've organized these resources by category for easier navigation, making your learning journey smoother and more efficient.


𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬:
𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+: https://lnkd.in/gyFy_CG9 A foundational security certification.

𝐂𝐈𝐒𝐒𝐏: https://lnkd.in/gUFjihpJ For experienced security professionals.


𝐊𝐞𝐲 𝐒𝐤𝐢𝐥𝐥 𝐀𝐫𝐞𝐚𝐬:
𝐃𝐚𝐭𝐚𝐛𝐚𝐬𝐞𝐬: https://lnkd.in/gWQmYwib Learn the essentials of data management.

𝐏𝐞𝐧𝐞𝐭𝐫𝐚𝐭𝐢𝐨𝐧 𝐓𝐞𝐬𝐭𝐢𝐧𝐠: https://lnkd.in/gAdgyY6h Develop ethical hacking skills.

𝐖𝐞𝐛 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐓𝐞𝐬𝐭𝐢𝐧𝐠: https://lnkd.in/g5FkXWej Secure web applications from vulnerabilities.


𝐇𝐚𝐧𝐝𝐬-𝐨𝐧 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐞:
𝐇𝐚𝐜𝐤𝐓𝐡𝐞𝐁𝐨𝐱 𝐒𝐞𝐫𝐢𝐞𝐬 & 𝐇𝐚𝐜𝐤𝐢𝐧𝐠 𝐕𝐢𝐝𝐞𝐨𝐬: https://lnkd.in/gztivT-D Apply your skills in a virtual environment.

𝐍𝐞𝐭𝐰𝐨𝐫𝐤 𝐒𝐢𝐦𝐮𝐥𝐚𝐭𝐢𝐨𝐧: https://lnkd.in/gRMak7_x Build and test network configurations.

𝐕𝐢𝐫𝐭𝐮𝐚𝐥𝐢𝐳𝐚𝐭𝐢𝐨𝐧: https://lnkd.in/gFkyFVvF Experiment with different operating systems and software.

𝐂𝐚𝐩𝐭𝐮𝐫𝐞 𝐓𝐡𝐞 𝐅𝐥𝐚𝐠 (𝐂𝐓𝐅): 𝐓𝐞𝐬𝐭 𝐲𝐨𝐮𝐫 𝐬𝐤𝐢𝐥𝐥𝐬 𝐢𝐧 𝐭𝐡𝐞𝐬𝐞 𝐢𝐧𝐭𝐞𝐫𝐚𝐜𝐭𝐢𝐯𝐞 𝐜𝐡𝐚𝐥𝐥𝐞𝐧𝐠𝐞𝐬.
https://lnkd.in/gpnYs5Qj
https://www.vulnhub.com/
https://lnkd.in/gn2AEYhw
https://lnkd.in/g5FkXWej


𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐧𝐠 𝐒𝐲𝐬𝐭𝐞𝐦𝐬:
𝐋𝐢𝐧𝐮𝐱: 𝐄𝐱𝐩𝐥𝐨𝐫𝐞 𝐯𝐚𝐫𝐢𝐨𝐮𝐬 𝐝𝐢𝐬𝐭𝐫𝐢𝐛𝐮𝐭𝐢𝐨𝐧𝐬.
https://lnkd.in/g2M__A5n
https://lnkd.in/gyc4R_F7
https://lnkd.in/gSiHYRNg
https://lnkd.in/g5GsUT7H
https://lnkd.in/g7KJBUYd
https://lnkd.in/gUK8PU4p

𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭:
https://lnkd.in/gP3nxKpZ

𝐖𝐢𝐧𝐝𝐨𝐰𝐬 𝐒𝐞𝐫𝐯𝐞𝐫: Gain server administration expertise.
https://lnkd.in/gWUTmN-5
https://lnkd.in/gsWZQnwj


𝐏𝐫𝐨𝐠𝐫𝐚𝐦𝐦𝐢𝐧𝐠 𝐋𝐚𝐧𝐠𝐮𝐚𝐠𝐞𝐬:
𝐏𝐲𝐭𝐡𝐨𝐧: https://lnkd.in/g_NpsqEM A versatile language for scripting and automation.

𝐆𝐨𝐥𝐚𝐧𝐠: https://lnkd.in/gmwz4ed5 A powerful language for system programming.


𝐍𝐞𝐭𝐰𝐨𝐫𝐤𝐢𝐧𝐠:
https://lnkd.in/gNm8RhtS
https://lnkd.in/ghqw2sHZ
https://lnkd.in/g4fp8WFa Understand network fundamentals and security.

Ref: Adnan Alam
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Companies that specialize in gathering online intelligence
from both public and private sources:

• InsideView (https://www.insideview.com)

• NewsEdge (www.newsedge.com)

• Semantic Visions (www.semantic-visions.com)

• DigitalGlobe (www.digitalglobe.com)

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

An interesting active new evasion technique that is bypassing almost all security solutions so far, taking advantage of the recovery functionality in applications. This is groundbreaking as most if not all endpoint solutions aren’t armed with any file recovery techniques and would fail to detect this attack vector.

Microsoft has structured word documents similar to archives, constructing any doc file with 3 sections; starting with local file headers, central file headers and end directory records. These 3 sections are linked backward starting from the end to the header. Manipulating any of these sections makes it harder for any endpoint or email security solution to unpack and identify the issue, but recoverable by its intending application after its too late.

VirusTotal:
https://www.virustotal.com/gui/file/3245ca6c7f9f78e6b8fc0f05e7821e4b4e0d1abf24719d9457a7640f3f447c58/details