Hi everyone, Lately I’ve been digging into the world of IDS, IPS, and NSM. While researching, I noticed that there are plenty of tutorials and guides explaining how to run Suricata as an IDS (Intr...

Hello, Now that we’ve explored using an Elasticsearch MCP Server in the previuos post, here, let’s go one step further: building a custom MCP server from scratch. I chose Cortex from The Hive Pro...

A practical guide to using Elasticsearch MCP Server to enhance SOC workflows. Learn how to query alerts, automate detection engineering tasks, and leverage LLMs for investigation at scale.

Comprehensive guide to FleetDM and osquery. Learn how to deploy FleetDM with Docker, manage osquery agents, and integrate with your cybersecurity monitoring stack for enhanced visibility and defense.

Comprehensive guide to FleetDM and osquery. Learn how to deploy FleetDM with Docker, manage osquery agents, and integrate with your cybersecurity monitoring stack for enhanced visibility and defense.

Comprehensive guide to Kerberoast attack (MITRE ATT&CK T1558.003). Learn how attackers exploit Service Principal Names to extract service account credentials, practical demonstration, and detection...

Comprehensive guide to DCSync attack (MITRE ATT&CK T1003.006). Learn how attackers abuse Directory Replication Service to extract NTLM hashes, Kerberos tickets, and KRBTGT credentials from Active D...

Comprehensive guide to AS-REP Roasting attack (MITRE ATT&CK T1558.004). Learn how attackers exploit Kerberos pre-authentication, practical demonstration, and detection using Wazuh SIEM for cybersec...

Step-by-step walkthrough of the Search machine on HackTheBox. Master Active Directory enumeration, Kerberoasting attacks, password reuse exploitation, and privilege escalation techniques in this co...

Step-by-step walkthrough of the Escape machine on HackTheBox. Master Windows penetration testing, privilege escalation techniques, and Active Directory exploitation in this comprehensive cybersecur...