SMB Brute Force Detection & Network Telemetry Analysis
Role SOC Analyst / Security Researcher Environment VMware Lab Attack SMB Brute Force Detection Wireshark · Security Onion · Splunk Status Successfully Investigated Simulated an SMB authentication brute force attack against a Windows Server 2019 Active Directory domain controller and correlated reconnaissance, packet-level SMB/NTLM evidence, Security Onion telemetry, and Windows authentication events in Splunk. PROJECT […]
Read More
Tag Archives: SASS