BuddoBot’s Post

I've successfully built my very own SOC Analyst home lab. Thank you to Gerald Auger, Ph.D. from Simply Cyber for posting a helpful YouTube interview featuring SOC Expert Eric Capuano. In this video, Eric comments on his blog post titled "So You Want to Be a SOC Analyst?" It's very helpful for aspiring analysts. Here's a quick overview of the lab steps I performed: 1️⃣ Installed VMware Workstation Pro and set up an Linux server VM and a Windows 11 VM. 2️⃣ Disabled Windows Defender on the Windows VM to prepare it for attack. 3️⃣ Installed Sysmon on the Windows VM to capture valuable telemetry. 4️⃣ Installed and configured a sensor using LimaCharlie on the Windows VM for security monitoring. 5️⃣ Established a connection between my laptop and the Ubuntu VM using SSH. 6️⃣ Integrated Sliver, a Command & Control (C2) server, on the Linux VM to generate a variety of C2 session payloads containing executable files capable of establishing a user with full administrative privileges capable of various nefarious actions, including shutting down the machine, managing security logs, taking ownership of files, etc., and downloaded these to the Windows VM via a temporary server over http. 7️⃣ Emulated an adversary by performing an LSASS.exe credential dumping attack on the victim machine. 8️⃣ Monitored the malicious actions in LimaCharlie and utilized them to create a finely tuned detection rule for the LSASS attack. 9️⃣ Investigated the hash of the suspicious executable file using VirusTotal to check for any known viruses. 🔟 Created detection and response rules based on insightful analysis of LimaCharlie Endpoint Detection Response (EDR) telemetry, such as DNS Requests, Files Created/Deleted, New Processes, Deletion of Volume Shadow Copies, etc. I hope this inspires other aspiring SOC Analysts to build their own home labs and learn through hands-on practice. #SOC #analysts #cybersecurity #homelab #learningbydoing

OPEN POSITIONS! HURRY UP! FOR #CYBERCOR PROJECT: (a) Linux professional: - At least 5 years of linux system administration - - Installing and Managing of linux systems servers and workstations in several distributions and knowledge of system hardware - Good knowledge of linux command line, scripting, file system structure and permissions (b) Networking expert - At least 8 years of networking engineering - Good Hands-on knowledge on Cisco IOS/(alternative) commands and managing complex environment - installation and configuration of cisco switches and routers (layer 2 and Layer 3) - Hands-on knowledge in configuring VLANS and routing protocols (static and dynamic) - Good knowledge of theoretical models (7 layers and TCP/IP) - Good knowledge in IPv4/IPv6 , subnets , CIDR and Decimal/Octal/Hex conversion. (c) System expert - At least 8 years of managing windows servers environment - Install & Configure Server 2012 R2\2016\2019 , Roles & Features , Tools - Install and manage Active directory , manage users , groups and permissions in organizations - Hands-om knowledge in GPO managing , hardening windows servers - Hands on knowledge in managing DNS , DHCP , backup servers , WSUS servers , Terminal servers (d) Cyber security expert - At least 8 years of cyber security experience - Hands-on knowledge in PT in application and infrastructure level - Hands on knowledge in Kali linux environment and tools - Hands-on knowledge in Metasploit environment and tools - Hands-on knowledge in malware analysis (static and dynamic) - Hands on knowledge in file system forensics - Hands-on knowledge in managing firewall environments (e) For Malware Analysis and Windows Memory Forensics Expert - At least 10 years of Malware analysis experience (static and dynamic) - Hands-on knowledge with various tools for analysis including IDA and Olydbg , Good knowledge of yara rules - Hands-on knowledge in debugging malicious binaries - Hands-on knowledge in volatility or similar tools for memory forensics - Hands-on knowledge in detecting code injections , API hooks , rootkits , Kernel callbacks and timers (f) For SOC Analyst expert: - At least 10 years of managing complex soc environments in hands-on level - At least 5 years of Malware analysis experience (static and dynamic) , extracting IOCs - Hands-on experience in: analyzing network traffic using various tools , handling SOC cases and incidents , optimizing SIEM rules - Hands-on experience in file forensics - Hands-on experience in memory forensics using various tools - Hands-on experience in SIEM environment , including central logging - Using various threat intelligence tools (virus total , yara rules) CV mail to: dreamteam@cybercor.md

Windows XP for me .. SP2 of course

I got my first taste in cybersecurity when I was working at SentinelOne. I did use Rapid7 and Macafee in some jobs being in IT Support. This was totally different from being in a job where you need to know about siem tools and how to protect active directory. I had a crazy amount of imposter syndrome when I worked my first job in cybersecurity. I didn't know what bloodhound is and how to use Kali Linux. I didn't know about capture the flag and how to use a play book. It was a water hose of information. I was very uncomfortable with red team engagements. Learning how to use wireshark and capture logs in a siem environment was something new to me. The important thing is that you need to take the time to learn outside your normal work hours. I was practicing tryhackme, red team labs using Azure and metasploit. I had no clue what I was doing at the beginning but everyone was open to trained me so that helped a lot. The most important thing is admit that you don't know everything and you're willing to learn. Be willing to accept help and training. Especially when it's something you never did before. Happy Tuesday! #itsupport #itservices #itsupportspecialist #informationtechnology #informationtech #cyber #cybereducation #cybersecuritytips #desktopsupport #desktopsupportengineer #desktopengineer #helpdesk #helpdesksupport #helpdesktechnician #careeradvice #career #helpdesk #helpdesksupport #helpdesktechnician #servicedeskanalyst #servicedeskengineer #servicedesk

Interview Questions - Part-2 - Profile - L1 / L2 Network Engineer - Switching, Routing, Security I have shared with all of you some basic set of questions that I faced during my interviews. I will be sharing more in the upcoming posts too. Hope it helps.... 😊 #interview #questions #security #firewalls #networking #network #engineers #switching #routing #bgp

Created a roadmap for becoming a SOC analyst Level Up Your Networking Knowledge: Grasp core networking concepts like protocols (TCP/IP, UDP) and network security fundamentals. Resources: Online courses, certifications (CompTIA Security+) Build a Strong Security Foundation: Understand cybersecurity essentials: threats, vulnerabilities, and controls (firewalls, IDS/IPS). Explore popular operating systems (Windows, Linux, macOS) for security analysis. Sharpen Your Skills with Tools and Technologies: Certifications: Consider GIAC Security Essentials (GSEC) or SANS Security Essentials (SEC501). Master SIEM: Understand Security Information and Event Management systems. Hands-on Practice: Set up a home lab, participate in Capture the Flag (CTF) exercises. Land Your Dream SOC Analyst Job: Craft a Compelling Resume: Highlight skills, certifications, and hands-on projects. Network and Apply: Attend industry events, connect with professionals online. Continuous Learning: Stay updated with the latest threats and technologies. Bonus Tip: Develop soft skills like communication, teamwork, and problem-solving for SOC success. #SOC #SOCAnalyst #cybersecurity #cyberthreat #hacking

IT is a vast field, so the specific topics you need to know for an interview will depend on the particular role you're applying for. However, here's a breakdown of some general IT interview topics that you can be prepared for: Technical Skills: Operating Systems: Be familiar with major operating systems like Windows, macOS, and Linux, especially the one most relevant to the advertised position. Networking: Understand basic networking concepts like IP addresses, network protocols (TCP/IP), and different network topologies (LAN, WAN). Hardware: Have a working knowledge of computer hardware components like CPU, RAM, storage, and their functions. Software Applications: This could be anything from productivity suites (Microsoft Office, Google Workspace) to specific industry-standard software depending on the role. Security: Basic understanding of cybersecurity concepts like firewalls, malware, and password security. . . . . . . #ITInterview #TechInterview #JobInterview #CareerTips #TechCareers #ITJobs #OperatingSystems #Networking #Hardware #SoftwareApplications #Cybersecurity #ProblemSolving #CommunicationSkills #Teamwork #LearningAgility

Interview Questions - Part-1 -->Profile - Network Security Engineer -->Firewalls - Palo Alto and Fortinet FortiGate I have shared with all of you some basic set of questions that I faced during my interviews. I will be sharing some more in the upcoming posts too. Hope it helps.... 😊 #interview_questions #network_security #paloalto #firewalls #networking #ngfw #network_engineers #fortigate #switching #routing #bgp

I found this so useful and informative.

Certainly! Here's another multiple-choice question for an IT Support Engineer: What is the primary purpose of a firewall in a network? a) Data encryption b) Virus detection c) Access control d) Physical network connection ***Answer below*** #itadministrator#IT support Engineer #itengineer #cisconetworking #cibersecurity #c2crequirements #itadministrator #IT #networkadministration #IT Engineer