Today's task had me using a premade rule file from TryHackMe, after which I then had to create a rule to detect MS17-010. The only problem was that it had an escape character. So using my smarts I went to CyberChef and got the hex value, and finished the rule. Super fun, loved it!!! Check out the room and my write-up on it!!!!
#tryhackme #snort #soclevelone
Today I started the Threat Intelligence Tools room on TryHackMe. In today's write-up I do tasks 1, 2, and 3, and on task 3 I got to check out urlscan.io. Great site to give you lots of info on domains!!! Go check out the write-ups and let me know what you think!!!
#tryhackme #threatintelligencetools #soclevelone
Today's room is Intro to Cyber Threat Intel. There was a lot of great info in here that not only recaps what I've learned so far with the kill chains, but also has a practical at the end with a very small alert log that you pull info from to gain threat intel on an attacker. Awesome stuff!!! Head over to my Medium and check out my write-up; I am always accepting feedback to improve on them. Not to mention, if you follow you can get the write-ups as soon as I upload them!!!!
#tryhackme #IntrotoCyberThreatIntel #SocLevelOne
https://medium.com/@haircutfish/tryhackme-intro-to-cyber-threat-intel-room-177a830fc458
Here is the Diamond Model Room. Great resource, and a great way to look at attackers and how they function before, after, and during an incident. Awesome room, head over and check it out. Make sure you check out my write-up as well!!! If you like what you read and you want them as soon as they come out, make sure you follow me here and on Medium!!!!
#tryhackme #DiamondModel #SOClevelone
https://medium.com/@haircutfish/tryhackme-diamond-model-room-5b93441a9fec
I finished up the MITRE Room on TryHackMe, and ohhh boy did I love Task 8. In Task 8 you are given a scenario where you get to do some threat intel research. I loved it and it was super fun. Head over and check out my write-up on the tasks on Medium!!!
#tryhackme #mitre #soclevelone