Great info. I need to create a profile and set up a lab... I will be following you and watching your videos as they are informative and easy to understand and follow. Mahalo for all of your help.
@ibrahimatta3624 5 hours ago
Hi, new to the channel. I am interested in SOC analysis and I am transitioning from data analysis.
@perplex63 13 hours ago
I can see the mimikatz events in archives in my SSH but I can't see the events in the Wazuh dashboard (in Discover). I waited for some time and restarted the wazuh-manager.
@MyDFIR 8 hours ago
Have you enabled the archives index?
@laurenbitten9437 1 day ago
When running exploit in the multi handler it is taking forever. Is this normal?
@MyDFIR 8 hours ago
I would double check the spellings just to make sure. It shouldn’t take that long
@user-ui6mj6bg7b 1 day ago
Thanks for the video. Which video or book could I study to learn the CLI in Linux?
@MyDFIR 8 hours ago
The Linux command line books from No Starch Press seem pretty good. I personally haven’t read it but I’ve read books from them and so far loved every one.
@josephsalazar6096 1 day ago
Is it just me or is Splunk not allowing new users to sign up? The field to choose your country is blank. I have tried to sign up on my VM, my Hosty, and my phone. No luck. That field to choose your country is broken and preventing me from following this tutorial. Can't even reach out to customer support because you need an account.
@MyDFIR 8 hours ago
It appears that this is fixed. Try signing up again!
@josephsalazar6096 1 day ago
The pinging said transmit failed. Please help!
@josephsalazar6096 1 day ago
Never mind, I got it. I think it's because my Kali machine fell asleep. smh lol.
@MyDFIR 1 day ago
Haha it happens!
@lawrenceesplana8969 1 day ago
Hey, thank you so much!
@MyDFIR 1 day ago
No problem!
@i_am_vengeance_ 1 day ago
Hey Steve! Everything is running smoothly except for the very last step with the response setup. I cannot find the $exec.all_fields.data.srcip you are using to retrieve the srcip. The email works but the srcip is blank. When I watch the video, it looks like you altered the original VirusTotal app's configuration from get a hash report to something else? How do I retrieve $exec.all_fields.data.srcip?
@MyDFIR 1 day ago
When you send the event up to Shuffle from Wazuh, does that event contain a source IP? If not, that is your hint :)
@NalliSuvarna 1 day ago
Is there any alternate option for digital ocean?
@MyDFIR 1 day ago
Vultr/linode/azure/aws/gcp - there are a ton of other providers that you can use
@NalliSuvarna 1 day ago
Hello, I don't want to use digital ocean, is there any way for an alternative?
@MyDFIR 1 day ago
Yeah, you could use any cloud or even on prem 👍
@tumsa3169 2 days ago
I see you are one of the few YouTubers who interacts with your community comments. I wanted to ask you: I am certain to pass my Security+ in a few months, could you offer any insight on the novelty or worth of Linux+ / Network+?
@MyDFIR 2 days ago
Of course! Absolutely love the community and that is a great question - My recommendation depending on your budget and time would be to not pursue those 2 certs. Instead, I would focus on learning the material starting with Networking as this is more of a NEED whereas Linux is more of a WANT. Hope that helps!
@tumsa3169 20 hours ago
@@MyDFIR gotcha, appreciate it
@user-ui6mj6bg7b 2 days ago
Thanks, road to SOC Analyst
@MyDFIR 2 days ago
You got this 💪💪
@user-ui6mj6bg7b 2 days ago
Great information, thanks.
@MyDFIR 2 days ago
Glad it was helpful!
@ptahrightknowledge3813 2 days ago
Hi Steven, can you check our email please. I have paid for the Course, but there seems to be an issue.
@MyDFIR 2 days ago
Sure, let me check
@abdi14 2 days ago
Hi, thanks for the great content on LimaCharlie. I used LimaCharlie about 3/4 years ago when I was doing SOC training but have not touched it since. Recently I have been asked to implement SIEM plus EDR for a small charity that my friends run. They have about 25 Windows laptops and 1 Mac, so I was wondering, if I implement LimaCharlie for them, does LimaCharlie keep the rules and threat intel updated, because I have no time to create SIEM content to keep up with the latest threats. Thanks in advance.
@MyDFIR 2 days ago
Great question, yeah LimaCharlie does a good job updating rules and you can enable 3rd party integrations
@abdi14 2 days ago
@@MyDFIR Thanks for the response. Please do recommend 3rd party integrations to give a complete SIEM for a small company with less than 30 computers. Thanks
@MyDFIR 2 days ago
@@abdi14 Try it out with LimaCharlie and see what happens - With a small company, this should suffice. Do also think about the identity as well.
@michaelhom6914 2 days ago
wow very informative! Will have to give you a subscribe respectfully :)
@MyDFIR 2 days ago
Awesome, thank you!
@user-iu1dq8uq8f 2 days ago
Awesome project. Am from Ottawa and this will be great to add to my portfolio when I apply for jobs
@MyDFIR 2 days ago
Thank you! This will be a pretty fun one 😁
@DallasFort1857 3 days ago
Which one would you say is the most lucrative? Which one would you also state that it is outsourcing bulletproof? Indicating that it cannot be outsourced
@MyDFIR 2 days ago
Oh that is a great question. I feel that every one of these could be outsourced in the early stages however, the more senior you are the less likely that’ll happen IMO. I would focus on what you enjoy/interests you and go from there 💪
@DallasFort1857 2 days ago
@@MyDFIR What's the salary range for digital forensics incident response? I am also interested in this career path and I would like to know, is it more incident response or digital forensics?
@MyDFIR 2 days ago
It ranges depending on where you are located. In Canada, it's around 100-175k and it really does depend on the company. I've seen it where the role is more towards incident response and some are more digital forensics so getting a good understanding of both will be beneficial.
@bulba888 3 days ago
goes smooth so far, thx, waiting p3
@MyDFIR 2 days ago
Glad to hear!
@HaitianS3nsati0n 3 days ago
bro, please release the next part! any ETA?
@MyDFIR 3 days ago
Every Tuesday! Stay tuned 😊 in the meantime, you can check out the lab walkthroughs and other projects on my channel if you wish
@HaitianS3nsati0n 22 hours ago
@@MyDFIR by the time you release all 5 parts the free credits for running the servers will end :(
@godwinalekeobor5274 4 days ago
Can we run LimaCharlie from Kali Linux?
@MyDFIR 4 days ago
LimaCharlie is accessible via web browser so yeah you can access LimaCharlie from Kali Linux.
@godwinalekeobor5274 4 days ago
@@MyDFIR ok
@alyx3135 4 days ago
Hi, I am planning on buying the roadmap written on a .pdf on Gumroad, but what is the difference between this video and the .pdf? Thanks! And any alternatives to CCD or HTB certification? They are expensive for me as a student
@MyDFIR 4 days ago
Great question! The PDF is essentially the same as this video however, I have included links to everything I talk about within the PDF. It is also a different delivery method (reading vs watching) and some folks prefer the former. As for alternatives, not really when it comes to certifications but you can go for HTB and not take the certificate to save on some money and earn those skills. You can also go the free route via researching on Google.
@bablu5164 4 days ago
I didn't get the option to paste the hash in VirtualBox hashes. How did you do that?
@MyDFIR 4 days ago
Not sure what you mean by that, is it giving you an error? If you cannot paste within Virtual Box, you'll need to install the Guest Addons.
@BrayaanRayan 4 days ago
♥
@user-nk1od1zl4d 4 days ago
Thank you bro. Your videos are wonderful with amazing explanation and gave me confidence that cybersecurity is not so hard if you got the right mentor.
@MyDFIR 4 days ago
You're most welcome ❤️ I have a lot of other projects/hands on labs you can watch to follow along if you wish. Please don’t hesitate to ask questions as I am always happy to help!
@user-nk1od1zl4d 4 days ago
@@MyDFIR thank you 🙏
@Cyber.Panda. 4 days ago
Letsss gooo!! Congrats on the 30K followers, see you at 60k! 🔥🔥
@MyDFIR 4 days ago
Lets goooo!!! Thank you ❤️
@chamaragunasena6437 5 days ago
Awesome 👌👌
@MyDFIR 4 days ago
Thanks 🤗
@Just_A_Tech.._ 5 days ago
🙌🙌
@MyDFIR 4 days ago
❤️❤️
@godwinalekeobor5274 5 days ago
How do we run it directly from our Windows server? Vultr is for $5 to activate. How can we do it without Vultr?
@MyDFIR 5 days ago
Yup, you do not need vultr. I am using it for the ease of use.
@godwinalekeobor5274 4 days ago
@@MyDFIR It didn't let me run locally on my Windows OS, what can I do?
@franklinmccullough85 5 days ago
Thanks for always having quality content. I'm enjoying the SOC course you released, but I am abroad, away from my main PC, and my laptop isn't cutting it.
@MyDFIR 5 days ago
My pleasure! I am so glad to hear that you're enjoying the course!!!
@zackhawkins8684 5 days ago
I ran into an error
@MyDFIR 5 days ago
What error did you get?
@kader8815 5 days ago
I work on a SOAR project, but I replace TheHive with DFIR-IRIS, so do you think Shuffle supports IRIS, and can I follow your work just replacing TheHive with DFIR-IRIS?
@MyDFIR 5 days ago
Depends if Shuffle has a direct app with it. Otherwise, you could likely use a webhook if DFIR-IRIS supports that
@kader8815 5 days ago
@@MyDFIR okay thank you, and now I regard this video to do that. If I have a problem can you help me? Do you have Discord or LinkedIn or any?
@MyDFIR 5 days ago
Since I did not utilize DFIR-Iris in this video, troubleshooting might take a bit of time so I cannot guarantee anything. However, I do have a discord on my site (sign up) or you can DM on my socials
@kader8815 5 days ago
@@MyDFIR okay thank you
@mapletech_22 5 days ago
Thank you for sharing ❤❤🎉
@MyDFIR 5 days ago
Thank you for watching <3
@petitehistoire4090 5 days ago
Great content as always. I have a problem when installing pfSense. I'm having this error "cannot reach the netgate servers". I've double checked my WAN (bridged) and LAN (NAT), everything is OK.
@MyDFIR 5 days ago
Are you using a laptop and connected to wifi? If so, your bridged adapter may be connected to your ethernet adapter rather than your wifi adapter giving you no internet access. Thus, you'll need to configure a custom network adapter to point to your wifi adapter.
@petitehistoire4090 5 days ago
@@MyDFIR Yes, I'm using a PC. My bridged network is normally my computer's wifi network adapter. I've checked it on my PC with ipconfig /all. I will maybe change adapter and see what happens
@AnilReddy-qc3wq 5 days ago
Cool stuff and interesting
@MyDFIR 5 days ago
Thank you! This will be a fun project to do :)
@melaronvalkorith1301 5 days ago
Thank you for sharing your knowledge and helping everyone get real and valuable experience under their belts and on their resumes! You were good when you first started this channel, but you have definitely improved your content and delivery since then!
@MyDFIR 5 days ago
Thank you! I took a look at my very first video and...yeah, crazy what a year can do!
@PuffBittle 5 days ago
Anybody have any idea why the YAML lines he writes at the 5 minute mark aren't working for me at all? I'm on the latest version which is like 24 and inputting them into the terminal window but I keep getting a thousand different reasons as to why it won't work. I'm not sure if it's the version I'm using, if I'm somehow using the wrong terminal window, etc.
@MyDFIR 5 days ago
Yeah YAML can get kinda weird sometimes, try using this jsonformatter.org/yaml-formatter and see if that helps!
@The_CyberBarbarian 5 days ago
Hey buddy, really love your work and it is really helpful. It helped me a lot understanding the SOC role much better as I was completely new and a beginner to the SOC analyst position.
@MyDFIR 5 days ago
That is great to hear! Thanks for stopping by and get ready for Part 2!
@sandipanchakraborty2781 6 days ago
Please create more content like this, waiting for your next upload.
@MyDFIR 5 days ago
Will do, Part 2 releasing tomorrow! (June 25th)
@ESoFly 6 days ago
This video as well as the others are incredibly valuable. Thank you for spreading knowledge with such passion and detail!
@MyDFIR 6 days ago
Thank you for watching! I hope you learned a lot 😃
@AlanAxiiom 6 days ago
Love that someone finally addressed projects regarding blue team / defense. Sure, CTFs are fun and so is learning about pen testing, but I don't think that will help me land my first job as much as this will. Thank you!!!
@MyDFIR 5 days ago
You're welcome! Projects are super fun and challenging, take a look at the channel as I have quite a bit of projects that you can follow along if you wish!
@prashantmishra5691 6 days ago
Thanks for this amazing course.
@MyDFIR 6 days ago
You're very welcome! Hope you learned a lot ❤️
@cocobig4439 6 days ago
I ran into a weird issue in Shuffle where I don't get a hash field under parameter when setting up VirusTotal. Instead of a hash field, it gives me an Id field. It doesn't show when I scroll down either.
@MyDFIR 6 days ago
Do make sure you’re selecting the correct field. I ran into the same problem before and found out I was selecting the incorrect field haha
@_J0KER_ 6 days ago
❤
@joshuaoyinlola5699 6 days ago
I am still getting Authentication failure on TheHive after trying the added steps
@MyDFIR 6 days ago
I would try to redo the cassandra/elastic/hive install
@joshuaoyinlola5699 5 days ago
@@MyDFIR I'd appreciate that. Thanks for all you do.