Category Archives: Network Analytics

Unique Usernames!

I recently created a cloud-based virtual machine. The purpose of this will be for an HTTP honeypot, but I thought first off I would leave it for a few days to see what happened. This VM has only port … Continue reading

Posted in Attack, Brute force, Network Analytics, Network Forensics, Protocol, SSH

Ringzer0team – Forensics Challenge 35 – Poor internet connection

This writeup is to explain how to get the answer (flag) to the Forensic Challenge named “Poor Internet Connection”. I will not be posting the flag here as I am giving you all of the instructions to get it yourself! … Continue reading

Posted in Competitions, Cyber, Network Analytics, Network Forensics, PCAP Analysis | 1 Comment

TTLs and where to find them

Recently I have been conducting a lot of interviews for SOC Analysts; one of the questions I ask is as follows: You are reviewing your DNS logs and find an answer to a DNS query which shows rabbitcoldhotel.evil.com on <AnyExternalIP> … Continue reading

Posted in Network Analytics, Network Forensics, Uncategorized | 2 Comments