Got another write-up complete!! This time it is the Friday Overtime room on TryHackMe. This was a fun room where you dig into some CTI practices. If you haven't checked it out yet, please do. Along with that, check out my write-ups on the room. They are on both my personal webpage and my Medium page. Also my shop is now live, meaning if you enjoy my write-ups you can help support them by purchasing an item from my shop.

#TryHackMe #SocLevelOnePath #CTI

https://haircutfish.com/posts/Friday-Overtime/

https://medium.com/@haircutfish/tryhackme-room-friday-overtime-2fcdc9507cfa

https://shop.haircutfish.com

TryHackMe Room — Friday Overtime

TryHackMe Write-Up PowerShell CyberSecurity

Haircutfish

After being requested by a follower of my write-ups, I went back and am working on the new additions to the SOC Level One Path on TryHackMe that I haven't completed yet. I plan on doing write-ups of these as well. Here is the first one; it was on the Summit Room. This room was really cool because the company you're helping hired a hacker named Sphinx that you're in communications with. So you're using the steps on the Pyramid of Pain to thwart Sphinx every step of the way. Head over to my webpage or Medium and give my write-up a read.

#TryHackMe #SOCLevelOnePath #PyramidOfPain

https://haircutfish.com/posts/Summit-room/

https://medium.com/@haircutfish/tryhackme-room-summit-9045eb77d3c0

TryHackMe Room — Summit

This is a subscribers-only room on TryHackMe. It was created by TryHackMe. Here is the link to said room, TryHackMe Room — Summit.

Haircutfish

I have finished the final write-up for the OSquery Room on TryHackMe. It was a great room to go through! I always enjoy working from the command line. You can check out the write-up from my personal website or Medium page. Let me know what you think, and share with anyone that may need a little help.

I also want to mention, I am taking a break from creating write-ups, as I am focusing on finishing up the SOC Level One Path on TryHackMe. After I complete the path, I plan on switching over to Let's Defend so I can work on more practical SOC Analyst skills.

#OSquery #TryHackMe #SOCLevelOnePath #Writeup

https://haircutfish.com/posts/Osquery-The-Basics-Room-Task-4-Schema-Documentation-Task-5-Creating-SQL-queries-and-Task-6-Challenge-and-Conclusion/

https://medium.com/@haircutfish/tryhackme-osquery-the-basics-room-task-4-schema-documentation-task-5-creating-sql-queries-and-7e308e8b602e

TryHackMe Osquery: The Basics Room — Task 4 Schema Documentation, Task 5 Creating SQL queries, and Task 6 Challenge and Conclusion

If you haven’t done tasks 1 through 3 yet, here is the link to my write-up of them: Task 1 Introduction, Task 2 Connect with the Lab, and Task 3 Osquery: Interactive Mode

Haircutfish

Learning some OSquery in the TryHackMe room. Starting off with Tasks 1, 2, and 3, which are used to help you get started with OSquery and get you connected to the VM. If you're interested in going through this room, you will need to be a subscriber on TryHackMe. My write-up on these first three Tasks can be viewed either on my personal webpage or Medium:

#TryHackMe #OSquery #SOCLevelOnePath

https://haircutfish.com/posts/Osquery-The-Basics-Room-Task-1-Introduction-Task-2-Connect-with-the-Lab-and-Task-3-Osquery-Interactive-Mode/

https://medium.com/@haircutfish/tryhackme-osquery-the-basics-room-task-1-introduction-task-2-connect-with-the-lab-and-task-3-def678d5ac26

TryHackMe Osquery: The Basics Room — Task 1 Introduction, Task 2 Connect with the Lab, and Task 3 Osquery: Interactive Mode

Haircutfish

Today I went through the Intro to Endpoint Security room on TryHackMe. Not a difficult room, but one that gets you ready for what's to come. My next stop is OSQuery, as I have completed most of this part of the path before it was created previously. If you'd like, head over to my personal webpage or Medium page to check out the write-up!!

#TryHackMe #IntroToEndpointSecurity #SOCLevelOnePath

https://haircutfish.com/posts/Intro-To-Endpoint-Security/

https://medium.com/@haircutfish/tryhackme-intro-to-endpoint-security-room-12f053fa927c

TryHackMe Intro to Endpoint Security Room

Haircutfish

Closing out the Wireshark analysis room with the final couple of tasks. Super neat tools to use in Wireshark to see possible plaintext credentials and firewall rule creation. Head over to my webpage or Medium and check out my write-up!!!

#TryHackMe #Wireshark #SOCLevelOnePath

https://haircutfish.com/posts/Wireshark-Traffic-Analysis-Task-9-Bonus-Hunt-Cleartext-Credentials-Task-10-Bonus-Actionable-Results-and-Task-11-Conclusion/

https://medium.com/@haircutfish/tryhackme-wireshark-traffic-analysis-task-9-bonus-hunt-cleartext-credentials-5379bb1c28e6

TryHackMe Wireshark:Traffic Analysis — Task 9 Bonus: Hunt Cleartext Credentials!, Task 10 Bonus: Actionable Results!, and Task 11 Conclusion

Haircutfish

Got the next write-up finished on the Wireshark Traffic Analysis Room. This time it is on Task 7 Cleartext Protocol Analysis: HTTP & Task 8 Encrypted Protocol Analysis: Decrypting HTTPS. It was fun digging into both the HTTP and HTTPS protocols through Wireshark. Head over and check out the write-up!!!

#TryHackMe #Wireshark #SocLevelOnePath #HTTP #HTTPS

https://haircutfish.com/posts/Wireshark-Traffic-Analysis-Task-7-Cleartext-Protocol-Analysis-HTTP-&-Task-8-Encrypted-Protocol-Analysis-Decrypting-HTTPS/

https://medium.com/@haircutfish/tryhackme-wireshark-traffic-analysis-task-7-cleartext-protocol-analysis-http-task-8-encrypted-1d3d929f6b9

TryHackMe Wireshark:Traffic Analysis — Task 7 Cleartext Protocol Analysis: HTTP & Task 8 Encrypted Protocol Analysis: Decrypting HTTPS

If you haven’t done tasks 5 and 6 yet, here is the link to my write-up of them: Task 5 Tunneling Traffic: DNS and ICMP & Task 6 Cleartext Protocol Analysis: FTP

Haircutfish

Just published the next write-up in the TryHackMe Wireshark Traffic Analysis Room. This one is on Task 5 Tunneling Traffic and ICMP and Task 6 Cleartext Protocol Analysis in FTP. Both tasks were fun and challenging. Head over to my webpage or Medium to check out my write-ups!!!

#TryHackMe #WriteUp #Wireshark #SOCLevelOnePath

https://haircutfish.com/posts/Wireshark-Traffic-Analysis-Task-5-Tunneling-Traffic-DNS-and-ICMP-&-Task-6-Cleartext-Protocol-Analysis-FTP/

https://medium.com/@haircutfish/tryhackme-wireshark-traffic-analysis-task-5-tunneling-traffic-dns-and-icmp-task-6-cleartext-a207e006fbd1

TryHackMe Wireshark:Traffic Analysis - Task 5 Tunneling Traffic: DNS and ICMP & Task 6 Cleartext Protocol Analysis: FTP

Haircutfish

Here is my write-up on Task 6 of the Brim room. This was an exercise looking at a C2 detection from CobaltStrike. Head over to Medium or my website to check it out!!!

#TryHackMe #Brim #SocLevelOnePath

https://medium.com/@haircutfish/tryhackme-brim-task-6-exercise-threat-hunting-with-brim-malware-c2-detection-ea94926f577d

https://haircutfish.com

TryHackMe Brim — Task 6 Exercise: Threat Hunting with Brim | Malware C2 Detection

If you haven’t done tasks 4 & 5 yet, here is the link to my write-up of them: TryHackMe Brim — Task 4 Default Queries & Task 5 Use Cases The screen should split in half if it doesn’t go to the top of…

Medium

Here is the start of the Brim room, Tasks 1 thru 3. In these tasks you get to learn the fundamentals of the program. Then in the 3rd task you get to get your hands wet by using Brim, a pretty awesome tool!! Make sure you check out my write-up on it on Medium and my website!!!

#TryHackMe #Brim #SocLevelOnePath

https://medium.com/@haircutfish/tryhackme-brim-task-1-introduction-task-2-what-is-brim-task-3-the-basics-32772c13d8c2

TryHackMe Brim — Task 1 Introduction, Task 2 What is Brim?, & Task 3 The Basics

BRIM is an open-source desktop application that processes pcap files and log files. Its primary focus is providing search and analytics. In this room, you will learn how to use Brim, process pcap…

Medium