If I want to just grep out and only show the specific rule that trigger for file1, what command should I use if I dont want to scroll through the rules of the thor-webshells.yar?

Good one...

Why did you list the sequence process as: Indexer, Forwarder and Search, however your presentation started with a discussion on Forwarder, not Indexer. Please coordinate presentation with order displayed. Thank you.

Love your videos man. Just one thing while explaining things instead of writing on a canvas it would look much better if you type as points. Reason because its hard to read the second time.

Thanks for this amazing learning exerience.Can you guide me from where you have taken list of various Event id's?

Very well explained. Keep it up Motassem

agree with wabisabi84

This Room was the go for me to switch to HTB. This Room is dogshit sorry ...

bro how do i get your payload list

thank youuuuu😄

Great stuff thanks!

Thank you for this video. I’ve searched and watch so many other videos about this topic and didn’t understand until this one. Your real-life scenario for this is brilliant and easy to understand. Thumbs up !

thank you for the detailed explaination!

Your content and your explanation is underrated🔥 Keep it up!!!

Thanks Great Video, i would like to get your notes cheat-sheet commands

Thanks, You are the only person who explained the flags for this room!!

The music becomes too loud sometimes.😵‍💫

is there any payload in Starkiller for Android

اخي ممكن شرح 1YUoXkrcUppu1vTYrlTNHEa5xO9qU3ySCc/PM+GPPw==

we not gonna talk about the multiple voices at 18:20?

Thanks for your dedicated time to explain the Splunk basic. The course is very helpful for beginner like me.

i was able to follow this tutorial and i was able to get the powershell scrpit for task 7 Group security ID and event ID Group Security ID Get-WinEvent -Path .\merged.evtx -FilterXpath '*/System/EventID=4104 and */EventData/Data[@Name="ScriptBlockText"]' -Oldest -Maxevents 1 | fl -property * event ID Get-WinEvent -LogName Security -FilterXPath '*/EventData/Data[@Name="TargetUserName"]="Administrators" and */System/EventID=4799' -Oldest -Maxevents 1 | fl -property *

White Angela Martin Charles Clark Sarah

Great explanation

اخويا معتصم

Thank you Mostasem for such great content.

thank you for these video. they have been helpful. i am interested in your 974 page notes so it helps with easy referencing. does the package (priced at 34 dollars) contain the notes covering all your videos?thanks

thank you man, it was a great work

Hello, my friend, I am one of your followers and I am very impressed with what you have presented. I ask you to explain to us how we can exploit the loopholes that are published on the Internet. When I find a new loophole in KitHub, I face difficulty in benefiting from it. The second difficulty is the Inmap tool. It was discovered by firewall. Thank you for the above.

Thank you❤❤❤❤

Thank you! This is a great help! Please, let me know what resource did you use on 33 min 42sec with all this helpful stuff?

Great explanation sir

starts @30:00

Thank you for uploading this type of content for free

is he using 2 vms? because I can only use one in this module on tryhackme

Thank you

I'm still confused about how he uploaded the emails on the vm

Yeah this one was interesting, I think that all makes sense, MQTT 1883, sub is for pub and pub is for sub lol chef wuz here

Thanks for explain about firewall evasion tactics

the content was great , learnt something new today thanks

#teamMotasem

Perez Ronald Williams Charles Moore Jose

Wow 😮

Gread course, just for help: the audio in the background it's not necessary.

Ive had so many steps fail on these tasks. When I execute a command or follow the steps, some just fail. Its like the wrong vm is loading for the task.

what a great explanation ,finally found a video which is explainings in a so good manner.kudos to you man keep the good work coming.

I'm getting the answer 2812 what is wrong ?