General
Target: 92d22695-e17b-413b-abc3-b9be21992670.pdf
Size: 11.1MB
MD5: a6b31873ae91accb144a7d3d4a13ae78
SHA1: 521e15e954230bbaad60a9afa985ac9bc108190a
SHA256: b88340247316c9c925d4ed2538eb6215c54bbbfae23883872a9131f05e057d3e
SHA512: 56681df3667f1a829f95bba5ea196883a1f4cac3978c5387e8bc692f6c5101605cda1e35456d46f51c1b50c036c09a60e573d68ca0acd832a5987acae1c6b4c2
SSDEEP: 196608:LHmHbA9FFr53uio73xVenTi14OzoLiKLURXgoAZPZ0AasiOqOTZAuwpA:kbsPl3d7nOUeqIgnWA5PT6K
Files
92d22695-e17b-413b-abc3-b9be21992670.pdf.pdf