Cyber Infrastructure & Technology
Bypassing an Antivirus
My objective is to evade detection by VirusTotal scanners using compressed executable virus files. I will also download EICAR files and encrypt them to avoid detection by VirusTotal scanners.
I will use Windows 10, WinRAR, EICAR and VirusTotal.
Creating YARA Rules
My objective is to create YARA rules and identify infected files using ClamAV.
I will use Windows 10, ClamAV, HxD and WinRAR.
Create an Allow List Database
My objective is to create an allow list database, create a hash value and exclude the eicar.com file.
I will use Windows 10 and ClamAV.
Configure the Modern Honey Network Server/Dionaea Honeypot
My objective is to add an open-source honeypot to a Linux virtual machine.
I will use Linux, Modern Honey Network Server and Dionaea Honeypot.
Configure Valhala Honeypot
My objective is to configure the Valhala honeypot to capture POP3 traffic.
I will use Linux, Windows 10, WinRAR, and Valhala Honeypot.
Configure & Run OpenDLP/Data Loss Prevention
My objective is to run a data loss prevention system and perform a scan.
I will use Linux, Windows 10, WinRAR, WinSCP, and OpenDLP.
Run POP3 Commands
My objective is to connect to the POP3 machine using Telnet and use POP3 commands to retrieve messages and find the new password.
I will use Windows 10 and Pop3Zone.
Email Spoofing
My objective is to check whether a domain contains an SPF record, send myself an email from the domain, and examine the results and the email headers.
I will use Windows 10, Gmail, an online MX records tool and a fake emailer tool.
Splunk Search & Reporting: Basic Searches & Exploring SPL (Splunk Processing Language)
My objective is to explore the Search & Reporting app in Splunk. I will use the search bar and input simple queries as well as Splunk Processing Language.
I will use Kali Linux and the Splunk Web Interface.
Create a New App in Splunk, Add Data & Explore with Basic Searches
My objective is to navigate the Splunk web interface to create a new app, configure Splunk to monitor sample web server logs, and utilize different search commands to explore and analyze the data.
I will use Splunk Enterprise, Kali Linux, and web server logs.
Create a Dashboard for IT Ops - Web Server Status Codes Over Time
My objective is to investigate successful vs. unsuccessful web server responses and produce a dashboard panel for the IT Operations team, showing website successes vs. failures over time. The IT Operations team currently has no visibility of failures on the Buttercup Enterprises website.
I will use Splunk Enterprise, Kali Linux, and web server logs.
Create a Dashboard for DevOps - Most Popular Operating Systems
My objective is to show the most common customer operating systems. I will need to extract a new field from events in order to create the report needed. To accomplish this, I will use Splunk's field extractor wizard.
I will use Splunk Enterprise, Kali Linux, and web server logs.
Create a Dashboard for DevOps - Web Browsers With Most Failures
My objective is to show the most common customer operating systems and which web browsers are experiencing the most failures. I will need to extract a new field from events in order to create the report needed. To accomplish this, I will use Splunk's field extractor wizard.
I will use Splunk Enterprise, Kali Linux, and web server logs.
Create a Dashboard for Business Analytics - Lost Revenue
My objective is to show lost revenue from the website. Buttercup Enterprises does not have a way of seeing lost revenue from the website in real time, and the senior managers would like to track lost revenue trends throughout the day via a dashboard. In this exercise, I will create a Single Value visualization that shows lost revenue from the company website and add this to the dashboard.
I will use Splunk Enterprise, Kali Linux, and web server logs.
Create a Dashboard for Security and Fraud - Customer Locations
My objective is to show website activity by geographic location. There is a concern that there could be many potentially fraudulent transactions coming from other countries. However, they don’t currently have any visibility of where website traffic is originating from. In this exercise, I will create a Cluster Map visualization that shows the geographic location of anyone connecting to the company website.
I will use Splunk Enterprise, Kali Linux, and web server logs.