Igor_sec's Blog
Hello! Welcome to my blog where I post write-ups for CTF challenges.

Introduction to hands-on network monitoring and threat detection with Zeek (formerly Bro). Link: https://tryhackme.com/room/zeekbro Zeek (formerly Bro) is an open-source and commercial network monitoring tool (traffic analyser). The official description: “Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open-source, and powered by defenders.” “Zeek is a passive, open-source network traffic…

Practice analyzing malicious traffic using Brim. Link: https://tryhackme.com/room/mastermindsxlq “Note: Before attempting this room, it is highly recommended that you complete the Zeek and Brim rooms. Those mentioned rooms cover basic security concepts and processing Zeek log files, which will help you navigate this room effectively.” “Three machines in the Finance department at Pfeffer PLC were…

Learn and practice log investigation, pcap analysis and threat hunting with Brim. Link: https://tryhackme.com/room/brim “BRIM is an open-source desktop application that processes pcap files and logs files. Its primary focus is providing search and analytics. In this room, you will learn how to use Brim, process pcap files and investigate log files to find the…

Learn the basics of traffic analysis with Wireshark and how to find anomalies on your network! Link: https://tryhackme.com/room/wiresharkpacketoperations “In this room, we will cover the techniques and key points of traffic analysis with Wireshark and detect suspicious activities. Note that this is the third and last room of the Wireshark room trio, and it is…

Learn the fundamentals of packet analysis with Wireshark and how to find the needle in the haystack! Link: https://tryhackme.com/room/wiresharkpacketoperations “In this room, we will cover the fundamentals of packet analysis with Wireshark and investigate the event of interest at the packet-level. Note that this is the second room of the Wireshark room trio, and it…

Link: https://tryhackme.com/room/wiresharkthebasics Task 1: Introduction Which file is used to simulate the screenshots? Ans: http1.pcapng Which file is used to answer the questions? Ans: Exercise.pcapng Task 2: Tool Overview Use the “Exercise.pcapng” file to answer the questions. Read the “capture file comments”. What is the flag? Ans: TryHackMe_Wireshark_Demo Open the pcap file and open the capture file…