LetsDefend (SOC Analyst) - Event ID #93: Phishing Email Detected

LetsDefend (SOC Analyst) - Event ID #93: Phishing Email Detected - Excel 4.0 Macros

Рет қаралды 6,207

Күн бұрын

Пікірлер: 14

@sergiojhdz 9 ай бұрын

Do you use a vm machine when doing letsdefend challenges? Also did you learn about REMnux from letsdefend, or from other learning resources? I'm just curious I just started using Letsdefend, but was stuck when It came to that practice challenge as to how to create and analyze a case. You explained it very well, now I have a good understanding on how to do it. Thanks in advance!

@Micahs0day 9 ай бұрын

Good question! Yeah, I use a VM. I was really paranoid about downloading files onto my host and wanted a VM that had forensics tool pre-installed, and I so happened to come across REMnux on SANS website. www.sans.org/tools/remnux/

@sergiojhdz 9 ай бұрын

@@Micahs0day Gotcha! so whenever you're downloading possible malware you just do it inside REMnux. Thanks for the clarification bro!

@Micahs0day 9 ай бұрын

@@sergiojhdz Yep! But make sure you google 'best practices for running an isolated VM for malware analysis' that way you configure the VM network settings properly.

@WickOff626 5 ай бұрын

I used this as a guide to help me thank you!

@thearts7702 2 жыл бұрын

Which certificate would you say helped you the most to understand everything you’re doing?

@0xGenjutsu 9 ай бұрын

bro good looks on the linux vm, i've been doing everything out of kali but im gonna check renux and maybe a Kali blue out now

@akularohith2574 2 ай бұрын

How to see the mailbox, I cannot see any kind of mailbox on my platform

@tapasghosh9802 2 жыл бұрын

Thank you for explaining it so well. please share any resources on how to use the tools that comes with remnux.

@Micahs0day 2 жыл бұрын

I will make more videos using remnux very soon!

@recon0x7f16 Жыл бұрын

what is that notes on the right thing called?

@gamalielsankaytshiswakamar961 2 жыл бұрын

i am trying to get the MD5 VALUE of the malicious files without success please help

@Micahs0day 2 жыл бұрын

What method are you using? The command line, or are you uploading the files to a website? Also, if you are on Windows, do a google search for a program called "MD5 & Checksum Utility" and download that (try CNET), it's easy to use.