Managed Detection and Response (MDR) is a security service that organizations use to outsource the security of their data and resources. Put simply, organizations use it to protect themselves and their data, and to detect and monitor threats within the organization, instead of building their own security operations center and hiring a security team/incident response team/threat […]
One of the advanced Persistence techniques in cyber security is Pre-OS Boot. In this article, we introduce this technique, which is used to maintain stable access to a system. MITRE ATT&CK ID: T1542; Sub-techniques: T1542.001, T1542.002, T1542.003, T1542.004, T1542.005; Tactics: Defense Evasion, Persistence; Platforms: Linux, Network, Windows, macOS; Defense Bypassed: Anti-virus, File monitoring, Host intrusion prevention systems. What Is Persistence […]
Network Layer Jobs IP Routing One of the main roles of the Network layer is to forward packets between hosts. A host can send a packet to: Itself: A host can use its own interface IP or its loopback address to send a packet to itself. Same local network: When a host wants to send a […]
In this article we are going to talk about the different variations of SPF (Shortest Path First). Dijkstra's SPF is the algorithm that link-state routing protocols such as OSPF and IS-IS use. It has many variations, which we will cover here: CSPF (Constraint-Based SPF) CSPF is used in Traffic Engineering Dynamic […]
The Incident Response process is important, and performing it accurately and according to established principles is even more important. Therefore, this process, like other processes in the field of security, has dedicated tools that make Incident Response easier and faster. In this article, we are going to introduce the Incident Response process and present 5 of […]
IS-IS Overview Intermediate System to Intermediate System (abbreviated IS-IS) is an IGP link-state protocol that builds a link-state database. Like OSPF, it runs the Dijkstra SPF algorithm to find the best path to the destination. IS-IS has an administrative distance (AD) of 115 on Cisco NX-OS. Unlike OSPF, IS-IS does not run over network […]
BGP Overview Border Gateway Protocol (BGP) is an extremely scalable routing protocol that gives you a lot of control over choosing the best route. It is a path-vector protocol: unlike OSPF, where each router individually runs the SPF algorithm on its own link-state database, BGP advertises routes to the network. BGP connects two autonomous systems (AS) to teach […]
OSPFv2 Overview With Open Shortest Path First (OSPF), a link-state routing protocol, routers build up information about the network. This information includes: Router ID, Number of Links, Link Descriptions, Attached Router, Subnet Mask, Metric. The routers multicast this information (Link State Advertisements, or LSAs) to the segment. As a result, all routers in the same […]
In this article, we are going to talk about the DeepBlueCLI tool for Threat Hunting in Windows via Event Viewer (Event Log). This PowerShell script can analyze various events in the Event Log, including Sysmon, Application, Security, etc. What Is DeepBlueCLI? DeepBlueCLI is a PowerShell-based tool used to detect threats. This tool is […]
This post will introduce some of the basic standard Linux commands. Knowing these commands is crucial for understanding the following concepts. These basic commands are usually the same in all Linux distributions; therefore, their results are the same. We used CentOS Stream release 9. For more information about choosing distros, we suggest reading this post: […]