Persecure : my learning archive

Blue Team Labs

Hello! I’m a SOC analyst and cybersecurity enthusiast. In my free time, I enjoy practicing on CTFs and writing up about them.

Through deliberate practice and ongoing learning, I have honed my skills in the critical field of cybersecurity. One way I have accomplished this is by actively seeking out blue team-style labs, which have proven to be immensely valuable in strengthening my proficiency in various defensive domains.

Among the many benefits of utilizing these labs is the opportunity to apply theoretical knowledge in practical scenarios, thus solidifying comprehension and skill mastery. Moreover, blue team-style labs provide a controlled environment in which to practice and experiment, without the fear of causing harm to real-world systems.

Some of the specific blue team-style labs that I have personally used include network intrusion detection and analysis, malware analysis and reverse engineering, incident response, and vulnerability scanning and management. These labs have challenged me to think critically, analyze complex scenarios, and develop creative solutions to multifaceted problems.

Traffic Analysis

Digital Forensics

Memory Forensics

Malware Analysis

Reverse Engineering

Phishing

Phishing Analysis Fundamentals

LetsDefend Phishing Email

LetsDefend Email Analysis

BLTO Phishing Analysis

BLTO Phishing Analysis 2

Traffic Analysis

Traffic Analysis Essentials

LetsDefend Disclose The Agent

LetsDefend Http Basic Auth

BTLO Network Analysis – Ransomware

BTLO Network Analysis – Web Shell

Traffic analysis exercise 1

Traffic analysis exercise 2

Digital Forensics

CSIT’s CNY 2023 Mini Challenge

BTLO Shiba Insider

BTLO The Planet’s Prestige

Memory Forensics

BTLO Memory Analysis – Ransomware

LetsDefend Memory Analysis

Malware Analysis

OSINT

The Killer Clown

Intergalactic Warfare

Cold War Enemies

Dialogues from Atlantis

Reverse Engineering

Reverse Engineering

Others

Introduction to SIEM

HTB : Sauna

Network Enumeration To begin our exploration of the network, let’s initiate an nmap scan in order to identify open ports. WEB Enumeration Use gobuster to find for directories. Cant find anything interesting in the directory enumeration. Port 80 In the about us section we find some potential users. Let’s take note of the names. SMB…

March 23, 2023
HTB : Timelapse

Network Enumeration To begin our exploration of the network, let’s initiate an nmap scan in order to identify all open ports. To gather more information about the network, we can use a detailed nmap scan. Add the domain name found from the nmap scan to /etc/hosts SMB Enumeration SMB null sessions are a type of…

March 21, 2023
HTB : Active

Network Enumeration To begin our exploration of the network, let’s initiate an nmap scan in order to identify all open ports. To gather more information about the network, we can use a detailed nmap scan. Add the domain name found from the nmap scan to /etc/hosts SMB Enumeration SMB null sessions are a type of…

March 20, 2023
VulnNet: Roasted

VulnNet Entertainment quickly deployed another management instance on their very broad network…

March 13, 2023
Attacktive Directory

99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?

March 12, 2023
JSON IP Extractor

As a SOC analyst, clients often request certain IPs to be blocked or whitelisted. However, dealing with a large JSON file that contains various information including the necessary IP addresses can be time-consuming. To overcome this challenge, a straightforward Python script can be used to extract IP addresses from the JSON format and export them…

March 6, 2023