SecureBug allows you to evaluate your offensive and defensive skills and to exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

Threat Hunting Images: Hunting Spraykatz with Sysmon Detection Rule

Keep Your Credentials Safe: Hunting Spraykatz with Sysmon

Hackers use the Spraykatz tool to harvest credentials when they are conducting lateral movements. Lateral movement is when a cyber-attacker moves from one system or network to another to remain undetected, gain access to sensitive and high-value data, or gain escalated privileges. To do so, they require tools to access credentials. Spraykatz is a tool…

F5 BIG-IP critical vulnerability

Detect F5 BIG-IP Critical Vulnerability Exploitation Attempt with Free Sigma Detection Rule

F5 Networks, one of the world’s largest providers of enterprise networking gear and application services, has issued a security advisory this week warning enterprises and governments across the world to immediately patch a critical vulnerability that is very likely to be exploited. With a CVSS score of 10 out of 10, the critical vulnerability, tracked…

block indicators

Detect Indicator Blocking with these free Splunk Detection Rules

An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could include maliciously redirecting or even disabling host-based sensors, such as Event Tracing for Windows (ETW), by tampering with settings that control the collection and flow of event telemetry. These settings may be stored on the system in configuration files…

Hidden Window- detection rule

Detect Hidden Windows with this free Splunk Detection Rule

Adversaries may implement hidden windows to conceal malicious activity from the plain sight of users. In some cases, windows that would typically be displayed when an application carries out an operation can be hidden. This may be utilized by system administrators to avoid disrupting user work environments when carrying out administrative tasks. Adversaries may abuse…

Offensive cybersecurity threat hunting

From defensive to offensive cybersecurity: organizations’ most essential security measures

Cybersecurity has turned into one of the fundamental components of any organization in the last two decades. The world has evolved, leading to advances in technology and, alongside them, threats. Organizations need to invest more in building a strong, functional cybersecurity infrastructure to protect their facilities and assets from internal and external threats. Before,…