Recent Discussions
Need help in the lab - APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills
I am currently working through the APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills lab and would appreciate your assistance in reviewing or clarifying a few specific questions. Despite thorough log analysis and validation via Splunk queries, the following questions are not accepting what I believe to be correct answers:
Q10. A PowerShell script was initially executed to extract encoded data from an image file. What is the full ParentCommandLine field value used to execute this?
Q11. This PowerShell script was added to a registry key that was used to bypass user access control. What other value was set on the same key to facilitate this?
Q15. What was the name of the service created to obtain a means of persistence?
Q23. What is the name of the executable that's executed by the persistence mechanism placed in the Windows Startup folder?

Introduction to Active Directory Attacks: Local Passwords
The briefing says to use PowerUp.ps1, but I don't see the PowerShell script in the tools folder. Additionally, I tried the PowerShell command mentioned, but it is producing so many results. Any thoughts or suggestions on how to find the password stored somewhere in files?

Credential Access - NTDS
Got down to the last two questions and I felt like I've tried all suggestions in the briefing. Can anyone help out with the last two questions? Also, the "secretsdump.py -ntds <ntds.dit path> -system <SYSTEM hive path> LOCAL" isn't working, but I tried "impacket.examples.secretsdump" and it doesn't throw an error, but also doesn't throw any output.

Operation Kobold - Defensive SOC Track 2
I need help with these two questions. Could you please guide me?
Continuing your analysis of the file identified in Question 29, what is the address of the C2 Server?
What is the value of the watermark found in the executable identified in Question 29?

AI: Prompt Injection Attacks
I've found the password for L1 on the above lab, which it says it acknowledges as being correct, but it's not unlocking Level 2. Any advice? Do I just need to type in the password (in the correct case-sensitive way)? I've also tried it with a / beforehand and within <>.

2 New Security Apprenticeship Opportunities with BT Group
😱 This is an Incredible Opportunity for the Cyber Million Community
BT Group just posted their first wave of UK-based Security apprenticeships. There are opportunities in Belfast and Manchester, with more to come in the New Year! Whether you're a school-leaver, graduate, or someone looking to pivot into the cybersecurity industry, you'll want to check this one out.

Arctic Wolf are Hiring Security Analyst Interns in Waterloo, Ontario, Canada!
Want to kickstart your cybersecurity career? Our friends at Arctic Wolf are looking for Triage Security Analyst Interns in Waterloo, Ontario!
What you'll do:
- Analyze security data
- Troubleshoot network issues
- Help customers with security incidents
What you'll need:
- Passion for cybersecurity
- Strong IT and networking knowledge
- Great communication skills
What you need to know:
- Part time - 20 hours
- Internship
- Office Based (No Remote)
Think you're a good fit? Apply now through Cyber Million.