Category: Detection

Attacking Detection

Attacking SIEM with Fake Logs

In order to ensure to cyber security of an organization, the logs of the systems it owns must be collected, analyzed and repeated continuously. For provide the continuous of the process, monitoring systems can be installed. The fact that what is happening inside is being followed reduces the attack area of ​​the attackers. But itRead More

Detection Phishing

How to Investigate Phishing Campaigns?

Phishing attack is a type of attack aimed at stealing personal data of the user in general by clicking on malicious links to the users via email or running malicious files on their computer. Phishing attacks correspond to the “Delivery” phase in the Cyber ​​Kill Chain model created to analyze cyber attacks. The delivery stageRead More

Detection Python

Reputation Based Detection with Python

The purpose of the reputation based detection systems is detecting low reputation behaviors (Low reputation file opening, requesting IP address). The suspicious situation will be noticed when requesting low reputation IP address within a network using this system. I will show basically how to create reputation based detection system. I’ll use 3rd party resources forRead More