Recent posts
Mastering Field Extraction in Splunk: Quick Guide
Learn how to configure and test field extractions in Splunk using regex in transforms.conf and props.conf.
Mastering the Tstats Command in Splunk
Learn how to leverage the powerful Tstats command in Splunk 9.2.1 for optimized data analysis and improved search performance.
A Technical Guide to Splunk Data Models
Learn how to create, fill, maintain, validate, and request data from Splunk Data Models in this comprehensive guide.
ldapsearch
ldapsearch is a command-line tool for querying and retrieving data from LDAP (Lightweight Directory Access Protocol) directories. It supports search filters,...
dnstwist
Find typosquatting domains
netstat
netstat (network statistics) is a command-line tool used for various network-related diagnostics and analysis.
Windows Foundation
Some basics to better understand how Windows works
Zeek
A free and open-source network analysis framework
shodan
Sentient Hyper-Optimised Data Access Network
privateGPT
PrivateGPT is a powerful AI project designed for privacy-conscious users, enabling you to interact with your documents using Large Language Models (LLMs) wit...
Splunk commands
An overview of some Splunk commands
Threat Hunting
Proactive search for hidden threats in computer networks, enabling early detection and prevention of potential security breaches.
Network Forensics
Network forensics analyzes network traffic to uncover evidence of security incidents, aiding in incident response and prevention.
Atomic Red Team
Atomic Red Team is an open-source project that provides a framework for performing security testing and threat emulation.
Attack Range by Splunk
Attack Range is designed to simulate a real-world attack scenario, allowing security teams to test and improve their detection and response capabilities.
chainsaw
Search and Hunt through Windows Forensic Artefacts with Sigma Rules
Burp Suite
Burp Suite is a framework that aims to provide a one-stop-shop for web application penetration testing
Building Better Notables in Splunk ES
Tips for optimizing notables in Splunk Enterprise Security
Linux Shell Guide
A small cheat sheet for Linux commands.
Splunk and Auditd
How to work with auditd and Splunk
auditd
Auditd is a Linux system service that allows you to audit system events in a more detailed and configurable way than the standard Linux auditd service.
My little VIM guide
A little Guide to the open source text editor VIM (VI Improved)
lynis
Lynis is a security auditing tool for Unix-based systems. Its reports provide information about the system’s security posture, including potential vulnerabil...
Snort
Modes
Linux: lsof
Linux command to ‘List Open Files’
OSINT
Open Source Intelligence is gathering and analysing publicly available data for intelligence purposes
OpenCTI
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables.
MISP
Malware Information Sharing Platform
Cyber Threat Intelligence
A quick overview about Cyber Threat Intelligence
The Unified Kill Chain
A quick overview of The Unified Kill Chain Model
The Cyber Kill Chain
The Cyber Kill Chain
The Diamond Model of Intrusion Analysis
The Diamond Model of Intrusion Analysis Adversary Adversary Operator Adversary Customer Victim Victim Personae ...
Check for Pegasus on iOS
How to check for Pegasus and other spyware on iOS
xfreerdp: connect to unix/windows
Connect to RDP from Linux. xfreerdp /v:XX.XX.XX.XX /u:Administrator References kali-xfreeftp
smtp-user-enum
smtp-user-enum -M VRFY -U users.txt -t 10.10.10.1 smtp-user-enum -M VRFY -u tom -t 10.10.10.1
Generate User/Password Lists with Crunch
Generate password or user lists on Linux with Crunch.
curl
An overview of what you can do with curl.
Nmap
active vs. passive scanning