Forum Discussion
Dark_Knight666
Silver I
Silver ITrick or Treat on Specter Street: Ghost of the SOC
Hi there, Am I right as obvious that it may seem that for me to login to Kibana, I need to access this through the Elastic IP address that I have entered in my browser? If so I'm getting the error m...
Dark_Knight666Silver I
Silver IStill a little stuck on Q1 🤯
So looking through the Powershell command line, I understand that the script is Base64 string, and found what I think may be the Ghosts communication, but when I pass this through using CyberChef it appears not to be correct. So I am decoding it from Base64. Am I completely off the mark here?
Samh051
Bronze III
Bronze IIIExpand the alert instead of clicking on the rule name.
Use this button -
You should then be able to see the base64 encoded argument.
