#whodoesthat #whodoesthat

𝑭𝒓𝒆𝒆 𝑺𝑰𝑬𝑴 𝑻𝒓𝒂𝒊𝒏𝒊𝒏𝒈 & 𝑯𝒂𝒏𝒅𝒔-𝑶𝒏 𝑳𝒂𝒃𝒔 𝒇𝒐𝒓 𝑪𝒚𝒃𝒆𝒓𝒔𝒆𝒄𝒖𝒓𝒊𝒕𝒚 𝑷𝒓𝒐𝒇𝒆𝒔𝒔𝒊𝒐𝒏𝒂𝒍𝒔! SIEM (Security Information and Event Management) is a vital cybersecurity tool that combines log collection and analysis (SIM) with real-time monitoring and incident response (SEM). It aggregates data from various IT sources, uses analytics to detect threats, and alerts security teams to suspicious activities. Free SIEM Training Courses: Splunk Fundamentals 1 – Learn log analysis & dashboard creation. Link- lnkd.in/dipKnE7 Microsoft Sentinel Training – Cloud-based SIEM for monitoring. Link- lnkd.in/eq_2pKi2 Elastic Security Training – SIEM with ELK Stack. Link- elastic.co Free Hands-On SIEM Labs: TryHackMe - SOC Training – SIEM & log analysis challenges. Link- tryhackme.com/  Blue Team Labs Online (BTLO) – Advanced SIEM & threat-hunting scenarios. Link- lnkd.in/eUhPVhkE Security Onion Lab – Real-world SIEM setup. Link- lnkd.in/gtDenHkx

Cybersecurity Home Lab Ideas 𝟏. Google Gruyere – Web vuln lab → Exploit flaws & analyze logs. google-gruyere.appspot.com 𝟐. YARA – Malware pattern matching → Write rules & scan samples. virustotal.github.io/yara 𝟑. Velociraptor – Endpoint hunting/IR → Collect artifacts & hunt threats. velocidex.com 𝟒. Security Onion (SOC mode) – SOC practice → Triage alerts & investigate in lab. lnkd.in/g_TDAUHY 𝟓. Blue Team Labs – SOC challenges → Complete detection & response tasks. blueteamlabs.online 𝟔. IR Plan – Incident response template → Adapt & test with lab scenarios. lnkd.in/g3Y5cNvk 𝟕. KAPE – Forensic triage tool → Collect artifacts from lab machines. lnkd.in/gN7RquDU | lnkd.in/gJPwSaXt 𝟖. Volatility – Memory forensics → Analyze RAM dumps for evidence. volatilityfoundation.org 𝟗. Clonezilla – Disk imaging → Back up or restore lab systems. clonezilla.org 𝟏𝟎. VirtualBox Networking – Isolated nets → Simulate segmented environments. lnkd.in/ghb7Hkme 𝟏𝟏. MITRE ATT&CK – TTP knowledge base → Map attacker techniques in lab. attack.mitre.org 𝟏𝟐. TheHive – IR case management → Track incidents & investigations. thehive-project.org 𝟏𝟑. Wazuh (IR mode) – Alerts & correlation → Respond to lab-generated events. wazuh.com/install 𝟏𝟒. TTX Framework – Tabletop exercises → Run simulated IR discussions. lnkd.in/gPfEqV8Z 𝟏𝟓. DetectionLab – Prebuilt DFIR lab → Deploy with logging & monitoring. lnkd.in/gbmiTYrM 𝟏𝟔. VirtualBox – VM management → Create & run isolated machines. lnkd.in/gscBk7g7 𝟏𝟕. Linux CLI – Shell tutorials → Practice commands on test systems. lnkd.in/gR8m3tbG 𝟏𝟖. Cockpit – Linux web admin → Manage servers through a browser. cockpit-project.org 𝟏𝟗. Nmap – Network scanning → Discover hosts & open ports. nmap.org/download.html 𝟐𝟎. Apache – Local web server → Host sites in a lab environment. lnkd.in/gqQP6Grg 𝟐𝟏. Pi-hole – DNS sinkhole → Block ads & trackers in lab net. pi-hole.net 𝟐𝟐. OverTheWire – Linux CTF games → Learn by solving wargames. lnkd.in/gMUTzt5m 𝟐𝟑. TryHackMe – Linux fundamentals → Follow guided hands-on labs. lnkd.in/gnhuJaiM 𝟐𝟒. Wireshark (advanced) – Packet analysis → Use filters & inspect sessions. lnkd.in/gsEp7XgX 𝟐𝟓. Phishing Quiz – Phish detection → Test spotting suspicious emails. lnkd.in/gQZJFB96

truly, this shall pass

Jr SOC Analyst

Types of Security Logs

Imagine an honest life lived, even with millions in your pocket, you'll always feel safe.

BREAKING: Norway's $2 trillion wealth fund ran a 12-month AI experiment. They gave Claude access to their entire investment workflow. Result: 213,000 hours saved. 20% productivity boost. But what they found hiding in the data changed everything: A Thread 🧵

Nimeona Bastille day ambassador wa France aliendorse maandamano ya Jensii very nais. Paris is indeed the capital of protests kwanzia pale Saint Denis

Last reminder: Avoid seed oils. These so called "vegetable oils" are not healthy. Keep off completely. #FoodFriday

SOC Analyst Roadmap 🔵🎯 ├── Core Skills │ ├── Networking │ │ ├── TCP/IP, DNS, DHCP │ │ ├── Subnetting & Network Design │ ├── Operating Systems │ │ ├── Windows: AD, Logs, Group Policy │ │ ├── Linux: Permissions, Syslog, Scripting │ └── Cybersecurity Basics │ ├── CIA Triad, Risk Assessment │ ├── Threat Frameworks (MITRE ATT&CK) ├── Threat Intelligence │ ├── OSINT: Maltego, Shodan, Censys │ ├── Threat Hunting: TTPs, Alert Triage │ └── IOCs: IPs, Hashes, Domains ├── SOC Operations │ ├── SIEM: Splunk, ELK, QRadar; Log Analysis │ ├── Incident Response: Alert Handling, Basic Forensics │ ├── EDR: CrowdStrike, SentinelOne; Endpoint Monitoring │ └── NSM: Zeek, Wireshark; Traffic Analysis ├── Vulnerability Monitoring │ ├── Scanning: Nessus, Qualys; Result Analysis │ ├── Patching: Track & Verify Updates │ └── Configurations: Monitor Secure Baselines ├── Identity & Access │ ├── Authentication: MFA, SSO Logs │ ├── Authorization: RBAC/ABAC Monitoring │ └── Anomalies: User Behavior, Brute-Force Detection ├── Infrastructure Monitoring │ ├── Segmentation: VLAN, Firewall Logs │ ├── Zero Trust: Identity & Policy Checks │ └── Encryption: TLS/SSL, VPN Monitoring ├── Awareness Support │ ├── Phishing Simulations & Training Metrics │ └── Incident Feedback for User Education ├── Compliance & Policy │ ├── Regulations: GDPR, HIPAA, PCI-DSS │ └── Policy: Monitor Security & IR Adherence ├── Advanced SOC Skills │ ├── Deception: Honeypots, Alert Analysis │ └── Simulation: Purple Teaming, ATT&CK Mapping

🛡️ Wazuh in Action: Real-Time Threat Detection for Blue Teams 🔍💥 Wazuh is a powerful open-source SIEM & XDR platform built to help blue teams detect, correlate, and respond to attacks before they escalate. ⤵️ Hands-On Lab ⤵️

Free TryHackMe Labs You Can Start Today 🔬💻🧠 Want to learn cybersecurity hands-on without spending a dime? TryHackMe offers a wide range of free labs to help you build real skills in a virtual, beginner-friendly environment ⤵️

🐉 Kali Linux Commands: A Quick Guide for Pentesters & Ethical Hackers 🧰💻

🧱 Understanding Active Directory Protocols: The Backbone of Enterprise Security 🔐 Active Directory (AD) relies on a set of critical protocols that handle authentication, authorization, directory lookups, and secure access to resources across an organization’s network

Intern vs Expert

Pentest Tools SOC teams should know

This is beautiful. Even when Israel is heavily bombed, Israelis are singing and praying in the shelters. This is why the people of Israel will live forever.

The major vulnerabilities in most organizations and governments; creations of departmental systems without frameworks on implementations, giving privileges without consideration of least privilege principles and other serious frameworks.

🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read. He's saying DOGE came in, data went out, and Russians started attempting logins with new valid DOGE passwords Media's coverage wasn't detailed enough so I dug into his testimony: