Something went wrong. Please try your request again later.
Follow to get new release updates and improved recommendations
About Jithin alex
Customers Also Bought Items By
Are you an author?
Help us improve our Author Pages by updating your bibliography and submitting a new or current image and biography.
Author Updates
-
-
Blog postI was trying to use the snmpenum.pl in my lab and encountered this error.
Can't locate Net/SNMP.pm in @INC (you may need to install the Net::SNMP module)
I searched over the internet for the fix , but couldn't able to find something direct. However, going through some of the stackoverflow pages, i fixed it and is explained below. 1) First install the required packages related to snmp utilities.
sudo apt-get install libsnmp-perl 2) Install the SNMP module for perl.perl - -
Blog postPivoting is a technique used during Pentesting. The attacker gain access on one of the remote machine in the target network segment and use that machine to move around another network.
Pivoting is useful in a scenario where you don't have direct access to a remote network. For example, the attacker can access the DMZ server but not the Internal Server segment. But DMZ server can communicate with Internal Server Segment. In such scenario, firstly the attacker gain access to the DMZ server a -
Blog postThe Internet Explorer 11 desktop application will be retired and go out of support on June 15, 2022. Organizations with websites optimized for Internet Explorer may consider configuring IE mode in Microsoft Edge.
If you are configuring IE mode for an enterprise, you may refer the step by step guide from Microsoft.
To configure IE mode on your windows machine, follow the below steps.
1) Open Microsoft Edge browser
2) Go to Settings
3) Click on Default Browser -
Blog postWhen a packet is sent to an open UDP port, default behavior should be no response, Simply because UDP is a connection-less protocol. When this happens, Nmap or port scanning scripts refers to the port as being open|filtered. It could be open or behind the firewall. However, if it gets a UDP response which is very unusual in UDP, then the port is marked as open.
Then how Nmap or other port scanning scripts confirms whether there is an open UDP port exists??? For this, one should k -
Blog postTo mount a share to your working machine, use the following command. There are some prerequisites for CIFS mount and for mounting the .VHD files. Normally comes preinstalled with you Kali/Linux Distro. However, i am listing it down.
apt-get install libguestfs-toolsapt-get install cifs-utils Now to mount a remote share,
#sudo mount -t cifs //<Remote_Machine_IP>/<Path>/ <Mount_Path> -o rw
eg: mount -t cifs //10.10.10.1/Backups/ /mnt/nfs -o rw
To -
Blog postThe fingerprint reader on my laptop was not working properly since last couple of month. Suspecting after some update from Microsoft. It was not completely working, sometimes it work perfectly and often sometimes not. Especially after my laptop goes sleep.
So i uninstalled and reinstalled the driver with the latest update, did some googling and couldn't get a solution. However, i though of checking the power management settings. And unchecked the "Allow the computer to turn off th -
Blog postWhile compiling programs, you may encounter this particular error.
E: Unable to locate package linux-headers-5.10.0-kali5-amd64
I encountered this while compiling a C code.
To fix this, i first updated my Kali machine (v2020.2a).
sudo apt update -y && apt upgrade -y && apt dist-upgrade
Rebooted. Then installed the headers.
sudo apt install linux-headers-$(uname -r)
-
Blog postRoom link : https://tryhackme.com/room/adana
Excellent room. Spend much time on Recon and Enum. The room developer has also put a sweet spot rabbit hole. The WordPress.
I am not making this write-up in detail. You perform the initial nmap scan, get couple of open ports and services. Then perform a dirbuster or gobuster scan. You get the secret directory. Announcement. In the Announcement directory, you can see an image and a word-list. As common with THM, we can easily assume that t -
Blog postJSON Web Token (JWT) is a standard for securely transmitting information between parties as a JSON object. This information can be verified and trusted because as it is digitally signed using the public/private keys. In this post, i will be explaining about the JWT and how it can be manipulated to perform certain functions, especially during penetration testing.
Access the website that uses JWT token and open the developer tools in the web-browser to see the JWT token. To decode the -
Blog postRecently i came across this awesome Windows Exploit Suggester - Next Generation (WES-NG) tool and it comes handy for performing the privilege escalation. Once you have the initial access to the machine, simply grab the system information and run with WES-NG to view all the vulnerabilities in the target machine.
WES-NG link : https://github.com/bitsadmin/wesng
1) Get the package form the above link and clone it to your machine.
#git clone https://github.com/bitsadmin -
Blog postThe Security Content Automation protocol (SCAP) Compliance Checker tools from DISA are now available free to the public. Security Content Automation Protocol (SCAP) is a method to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization based on Security Technical Implementation Guidelines (STIG).
The two most common and widely accepted system configuration baselines are the Center for Internet Security’s CIS Benchma -
Blog postPreparation : Use Palo Alto networks beacon portal to learn the basics of Cortex XSOAR. Download and install the community edition of Cortex XSOAR. If you need a step by step practical guide to learn the Cortex XSOAR and to prepare for PCSAE exam, check my book. And if you need to validate your knowledge on PCSAE exam topics, check the practice tests in Udemy. Dont just rely on the exam guide. Do hands on extensively. Practical knowledge is what validates in the PCSAE exam.
-
Blog postPalo Alto Cortex XSOAR: A Practical Guide, First Edition 2021
I am glad to announce my new book on Palo Alto Cortex XSOAR. This is a step by step, beginner friendly 100% practical guide to learn SOAR platform with Cortex XSOAR.
Paperback : https://www.amazon.com/dp/B08Z4CTCJS/
E-book : https://www.amazon.com/dp/B08Z78WBQV
Cortex XSOAR is the Security Orchestration, Automation and Response (SOAR) solution from Palo Alto Networks. Cortex XSOAR pro -
Blog postAdobe stopped supporting Flash Player beginning December 31, 2020. After this data, Adobe will not release new Flash Player updates or security patches and strongly recommends the users to uninstall Flash Player immediately from their machines. To help secure your system, major browser vendors have already disabled Flash Player from running.
As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update S -
Blog postPalo Alto Networks Certified Security Automation Engineer Exam Review
Exam Length : 130 minutes (sufficient)
Number of questions : 85
The exam is not an easy one. Compared to other networking and security exams from Palo Alto, this is a difficult one. The PCSAE candidates are supposed to have a decent operational experience with Cortex XSOAR. Those who don't, might struggle to answer the exam questions correctly.
Though the exam guide from Palo Alto helps, it -
Blog postPractice test on Udemy : Link
Book : Link
Exam Review : https://www.jaacostan.com/2021/02/palo-alto-networks-certified-security.html
Administration Guide : https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin.html
Cortex XSOAR Threat Intel Management Guide : https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-threat-intel-management-guide.html
Cortex XSOAR Multi-Tenant Guide : https://docs.paloal -
Blog postCisco Firepower Threat Defense(FTD) NGFW: An Administrator's Handbook : A 100% practical guide on configuring and managing Cisco FTD using Cisco FMC and FDM.
This book is written like a learning course, explained in detail with a lab topology using FTDv and FMCv. This is a 100% practical guide on configuring and managing Cisco Firepower Threat Defense Next Generation Firewall using Cisco Firepower Management Center. I have also covered the standalone firewall introduction and how to us -
Blog postA Playbook is a set of tasks that will be executed for a specified incident and run like a flow chart. This enable the organization to automate many of the security processes, such as incident response, data collection, investigation, closure etc. You can structure and automate security responses that were previously handled manually and thereby saving time and increasing the efficiency of your Incident Response plan and operations. You can create a new playbook from the Playbook option in th
-
Blog postAfter Installing Palo Alto Cortex XSOAR, it is recommended to perform a post-installation health check. As per Palo Alto documentation, the following tests has to be performed.
1) Check the Docker Sub-system
/docker_images : Verify that either a list of Docker images or an empty list is returned. Can run this command from the playground.
!py script="demisto.results('hello world')" : Verify that hello world is returned, if not, there may be issues with yo -
Blog postAfter installing Palo Alto Cortex XSOAR, you might go through the health check. During health check you will go through a serious of integration/instance testing to check the functionalities. In the XSOAR platform, one of the basic tool an analyst will use is urlscan. And you are probably here reading this post because you might also encountered an error while running the URLscan related commands.
So during my testing, i ran the command to check the reputation of my URL and it re -
Blog postA few free courses which are offered by respective providers are listed below. Make use of these and up-skill yourself. Happy learning.
Update [21/04/2021]
GitLab Certified Associate certification for free
Promo Code : E6B8A234458AE3D795
Valid until April 30, 2021. After purchasing the course, you have one year time for completion.
Link : https://gitlab.edcast.com/pathways/cy-test-pathway-associate-study-exam/
Nutanix Certification for free.
-
Blog postAn incident in Palo Alto Cortex XSOAR can be created automatically or manually by a Security Analyst. Similarly, all the process mentioned below can be performed manually as well as automatically by initiating the playbook, when a particular condition is met. In order to create an incident automatically by the Cortex XSOAR, you need to configure integrations with your 3rd-party products such as SIEM, ticketing tools, logs servers, network devices, EDR etc to start fetching events. Then you ha
-
Blog postYou can deploy Palo Alto Cortex XSOAR in four ways.
1) On-Premises
You can install Cortex XSOAR on a VM or bare-metal servers. In this installation model, the customer provisions, installs, configures, and maintains all aspects of the system while Palo Alto Networks provides support based on licensing. As of now, installation of Cortex XSOAR on CentOS, RedHat Enterprise Linux, Ubuntu, Oracle Linux, Amazon Linux 2, SUSE Linux Enterprise 12, openSUSE, and Fedora is supp -
Blog postBitLocker To Go is BitLocker Drive Encryption on removable data drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems.As with BitLocker, drives that are encrypted using BitLocker To Go can be opened with a password or smart card on another computer by using BitLocker Drive Encryption in Control Panel.
BitLockerAutoUnlock can be configured to automatically unlock volume -
Blog postFrom the Security & Compliance admin center (https://protection.office.com) , select Threat management, and then select Explorer. From the upper righer corner, click on MDE settings ( As highlighted in the image below). Then in the Microsoft Defender ATP connection dialog box, turn on Connect to Windows ATP.
Note: To turn on this connection, your organization must have a Microsoft Defender for Endpoint subscription and security analysts must have access to Defender for Office 365 P
Titles By Jithin alex
Palo Alto Cortex XSOAR: A Practical Guide
Mar 16, 2021
by
Jithin Alex
$15.00
Other Formats:
Paperback
Incident Handling and Response: A Holistic Approach for an efficient Security Incident Management.
May 26, 2020
by
Jithin Alex
$4.99
Other Formats:
Paperback
More Information
Anything else? Provide feedback about this page
