Day-30 Completed MYDFIR SOC Analyst 30 Day Challenge!
Day 1: Creating Logical Diagram Importance of logical diagrams for visualizing network infrastructure. Components: Windows Server (RDP), Fleet Server, Ubuntu Server (SSH), Elastic & Kiban...
Elastic has its own powerful endpoint protection solution called Elastic Defend. Today, we’ll dive into installing Elastic Defend in our SOC environment to bolster our security posture. What is ED...
In this blog, we’ll dive deep into the Mythic Agent. Let’s log into Elastic and start our investigation. Go to the recently viewed menu (the hamburger icon) and select the dashboard you created spe...
Let’s start by creating some rules to streamline our alert management in osTicket. Head over to the ‘Alerts’ section under ‘Security’ (you’ll find it by clicking the hamburger icon). From there, cl...
Today, we’re wrapping up our environment setup for SOC investigations. We’ll integrate osTicket with ELK. Let’s start the instances, log into osTicket’s Admin Panel, and get started. Click on Ma...
Yesterday, we talked about ticketing systems and osTicket. Today, let’s dive into the setup. We’ll start by creating a new server and deploying it. Get ready for some technical fun! Select the ‘...
A ticketing system, also known as a help desk or issue tracking system, is a software application that facilitates the management and resolution of customer support requests or incidents. It provid...
In this blog, we will continue our ritual and create the alerts and dashboard for Mythic C2. The alerts will contain the information regarding the process creation, initialization and Windows Defe...
In our previous blogs, we drew up the attack blueprint and set up the Mythic server. Now, it’s showtime! Let’s execute our brute force RDP attack. Remember we’ll need to switch between machines so,...
Let’s put our knowledge to the test and build our very own Mythic C2 server! First, we’ll log into Vultr cloud using our credentials. Then, we’ll create a new server from the Compute options. ...