https://facyber.me/
facyber
Security engineer who is interested in pentesting, blue team, OSINT, Python, Networking, Linux and open source. This website presents some of my experience so far with volunteering for Mozilla, my road from basic IT guy to security and its magic.
2023-07-21T08:58:03+02:00
Marko Andrejic
https://facyber.me/
Jekyll
© 2023 Marko Andrejic
Building Blue Team Home Lab Part 12 - SIEM Part 3
2023-07-20T17:12:00+02:00
2023-07-20T17:12:00+02:00
https://facyber.me/posts/blue-team-lab-guide-part-12/
facyber
At last, we have come to the “final” article in this home lab guide. It is “final” because who knows, maybe at some point I will add another article if I remember I forgot something, or if I want to add something new. We will first cover the basics of SOC use cases and then we will demonstrate a few of them in our lab environment.
Basic SOC Use Cases
People often confuse NOC use cases with SOC use cases. ...
Building Blue Team Home Lab Part 11 - SIEM Part 2
2023-07-20T17:11:00+02:00
2023-07-20T17:11:00+02:00
https://facyber.me/posts/blue-team-lab-guide-part-11/
facyber
In this article, we will focus on deploying HIDS agents on our VMs in VLAN 20, the Corporate LAN network. I was planning to use osquery (FleetDM) because you should have nice asset management plus a good HIDS solution, but for some reason I never managed to configure it. The last thing I tried was updating SO to 2.3.260 with soup commands, but now I can’t even open FleetDM, so I won’t bother with i...
Building Blue Team Home Lab Part 10 - SIEM Part 1
2023-07-20T17:10:00+02:00
2023-07-20T17:10:00+02:00
https://facyber.me/posts/blue-team-lab-guide-part-10/
facyber
It’s been more than a year since I started writing this guide. It took me this long because I had a lot of personal matters to deal with in the meantime. Also, from time to time I needed a break from the lab and from working on a computer in general; I wanted to spend more time traveling, cooking, spending time with friends and family, and also doing nothing, to be honest. Just to lie down, watch movi...
Building Blue Team Home Lab Part 9 - Bandito
2023-04-04T22:05:00+02:00
2023-04-04T22:05:00+02:00
https://facyber.me/posts/blue-team-lab-guide-part-9/
facyber
We are close to the end of this guide to building the blue team home lab. Last time we configured a web server that hosts a website and a database, MariaDB. I’ve made some changes in the previous article, so be sure to check them before continuing with this one.
This time we will focus on creating a bandito network or, better said, simulating the external network, where our external thre...
Building Blue Team Home Lab Part 8 - Web Server
2023-02-26T15:14:00+01:00
2023-02-26T15:14:00+01:00
https://facyber.me/posts/blue-team-lab-guide-part-8/
facyber
Update 19/07/2023
I’ve had some issues with custom DB and DVWA testing, therefore the DB configuration part has been changed.
Added fping tools to the initial package requirements for installation.
Update 04/04/2023
I’ve added a small part to the DB configuration where we allowed remote connections to the DB from any IP address and also changed how the user is created in MariaDB, so a bit ...