In previous posts, we have discussed how to collect logs and index them in the S1EM. However, we encountered some challenges. For example, we can obtain PowerShell events, but what about cmd logs? ...

When we talk about hunting in cybersecurity, it’s likely that the first thing that comes to mind is querying a SIEM, our security event database. But what happens when the SIEM was implemented afte...

PowerShell, a powerful Windows command-line shell and scripting language, is often abused by adversaries to execute malicious scripts and commands, one of the most commonly used techniques accordin...

The Wazuh Security Information and Event Management (SIEM) solution is a centralized platform for aggregating and analyzing telemetry in real time for threat detection and compliance. For our cybe...

In cybersecurity, having an efficient testing lab is crucial for understanding attack scenarios. This blog will guide you through two essential steps to build your own testing lab (Client-Server Mo...

Testing jekyll-theme-chirpy Intro Lorem ipsum dolor sit amet, consectetur adipiscing elit. Quisque cursus ipsum sit amet magna ullamcorper dictum. Sed rutrum mi semper euismod mollis. Phasellus e...