Igor_sec's Blog
Hello! Welcome to my blog where I post write-ups for CTF challenges.

In this post, I’ll be working through a suspicious process execution exercise from TryHackMe to practice investigating event logs in Splunk. In this exercise, I’m given Windows event logs from an infected host to analyse. By filtering events in Splunk and extracting key data points, I discover anomalies and uncover the attacker’s activities. Task 1 Introduction…