Automate Sentinel to enrich and record IP reputation using VirusTotal
source: https://learn.microsoft.com/en-us/azure/sentinel/tutorial-enrich-ip-information Prerequisites An Azure user with the following roles:Microsoft Sentinel Contributor on the Log…
Hybrid Cloud SOC Automation Project – LAB 2: Detecting failed SSH attempts, automating email and block attacker IP option using Wazuh and Shuffle
Wazuh (XDR), Shuffle (SOAR), TheHive (Case Management), Digital Ocean Cloud (PaaS) LAB 2: Detecting failed SSH attempts, automating email…
Hybrid Cloud SOC Automation Project – LAB 1: Mimikatz detection, automating email and alert creation in Wazuh and TheHive using Shuffle
Wazuh (XDR), Shuffle (SOAR), TheHive (Case Management), Digital Ocean Cloud (PaaS) LAB 1: Mimikatz detection, automating email and alert…
Configuring and Deploying a VM using ARM Template
Configuration: Storage Account, Public IP, Network Security Group, Virtual Network, Network Interface (NIC), Virtual Machine …
YARA rule creation examples
Example 1: Creating a YARA rule to detect the youtubedownloader.com domain in an .exe file Example 2:…
LimaCharlie EDR Deployment
Go to Sensors > Installation Keys > click on Create Installation Key. Now we need…
Phishing email investigation (Header, Attachment)
Header Analysis: In this example we have a phishing email impersonating CIBC; we will conduct…
Qualys – Vulnerability Assessment credentialed scan on Windows 10 VM
Step-by-step example of a credentialed scan on a target VM with vulnerable software…
AZ-500 Defender for Cloud – configure Defender for Cloud and implement JIT recommendation
source: AZ500-AzureSecurityTechnologies Task 1: Configure Microsoft Defender for Cloud. In the top search bar, type…
AZ-500 Azure Monitor – Deploy VM, storage and data collection rule
source: AZ500-AzureSecurityTechnologies Exercise 1: Deploy an Azure virtual machine. In Azure, open Cloud Shell and select…