In this post, I will cover completing easy sherlocks with splunk. I haven’t seen many posts covering the tactics they use to ingest sherlocks using splunk, and the posts I have seen for ‘walkthroughs’ offer no reasoning. It’s pretty clear many sherlock writeups just paraphrase from the HTB solution pdf. So, in this post, I will first go over how I ingest data into splunk, then I will cover how I solve two sherlocks. This focuses on windows event logs. ...
I started studying for the CPTS with no real experience in offensive cybersecurity around December 2024. This was during my sophomore year in college, so I was unable to complete this certification very fast. I worked at it off and on. I eventually completed all of the work around June. I studied for most of July, and took the test at the beginning of August. I got lucky, and got my results back in 6 days. ...
This is a tutorial to quickly setup and deploy a honeypot. This is useful if you are a student/researcher who wants to quickly through up a honeypot, without implementing proxmox. I’m posting this to document this interesting creation, as I haven’t seen a honeypot or most networks done like this (for a good reason). VLANS should be configured to work beforehand. The ‘fun’ part of this is the fact that this allows a live attacker to have full control immediantly of the computer you give them without any restrictions inside your network. Too many honeypots are way too safe. There is no fun in that, let that attacker thrive and give you more content. This allows the user to place more vm’s on their vulnerable vlan to see if the honeypot attack spreads. ...