CyberDefenders: Mr. Robot

Note: I started with using volatility on my Windows machine, and eventually, I transitioned to working on my Linux machine. Pardon me for screenshots from different OSes. The first task in this challenge is to convert the VMWare Suspended State (.vmss) files to a memory dump so we can perform memory analysis. There is a …

Security Blue Team: More Than Just a Cyber Defender Company, But Also a Mental Health Defender

This is going to be my first blog entry that has nothing to do with any TryHackMe, HackTheBox, CyberDefenders, or Security Blue Team write-ups or walkthroughs. Since my interest in cyber security began, I have always been enamored with the Red Team side of it. But, as I became sucked deeper into the Red Team …

CyberDefenders: DetectLog4j-CTF

This challenge was released on 01/16/2022 from CyberDefenders. You can access the room at https://cyberdefenders.org/labs/86. This is another blueteam challenge. The skills/tools to be tested and needed to complete this challenge are Autopsy or FTK Imager, dnSpy, VirusTotal, and PowerShell. I hope you will find my write-up helpful. What is the computer hostname?vcw65 What is …

Try Hack Me: Conti

This room was released on 1/7/2021 and it is rated Medium in difficulty. Shou-out to the room creator, @heavenraiza who also recognized Bohan Zhang for the challenge. You can access the room at https://tryhackme.com/room/contiransomwarehgh. This is a blueteam challenge. The skills/tools to be tested and needed to complete this challenge are Splunk and Googling. I …

CyberDefenders: BSidesJeddah-Part2 (Memory Image Forensics)

This challenge was released on 12/14/2021 from CyberDefenders. You can access the room at https://cyberdefenders.org/labs/82. This is another blueteam challenge. The skills/tools to be tested and needed to complete this challenge are 99% between volatility2 and volatility3, and 1% Googling, MITRE, Crackstation, and CyberChef. In this challenge, you will gain a better appreciation of how …

Try Hack Me: Carnage

This room was released on 11/25/2021 and it is rated medium in difficulty. Shout-out to the room creators, RussianPanda [She/Her] and Heavenraiza. You can access the room at https://tryhackme.com/room/c2carnage. This is another blueteam side of the cybersecurity field. The skills/tools to be tested and needed to complete this challenge are WireShark, VirusTotal, and Malware and …

Try Hack Me: Squid Game

This room was released on 11/11/2021 and it is rated hard in difficulty. Shout-out to the room creators, @RussianPanda [She/Her] and @heavenraiza. You can access the room at https://tryhackme.com/room/squidgameroom. This is room is more on the blue side of the cybersecurity field. The skills/tools to be tested and needed to eliminate the five attackers in …

How to Upgrade OpenSSH on Linux

This is a walk-through on how to upgrade your version of OpenSSH. One of the main reasons why an organization needs to upgrade their OpenSSH server is when there are vulnerabilities found on older versions, especially findings from Security Rating solutions providers such as BitSight, SecurityScorecard, and even just Shodan. Everything that I have found …

Try Hack Me: H4cked

This room is one of the easiest rooms I've seen on Try Hack Me. The skills/tools to be tested and needed to finish this room are: FTP, Hydra, Web Shell, Netcat, Reverse Shell, and Wireshark. The room's creator is @toxicat0r. You can access the room at https://tryhackme.com/room/h4cked I was assigned a target IP address of …

Why I Think Security Blue Team’s BTL1 Certification is the Gold Standard for SOC Analysts

The good stuff first I woke up at 4:30 AM to take a leak, and just had a feeling to check my email quick before jumping back to bed. And then I saw the best email I could ever wish for from Security Blue Team: Needless to say, I was not able to go back …