hunt

DFIR vs Hunt

Gone are the days of defense just being patching. The model of hiding behind firewalls like the Greeks in Troy has been proven to be as faulty in Cyber as it was in the days of old. There aren't many hard definitions in Cyber, so here's my take on a popular topic that's been brought up around the water cooler for the past few days. (more…)

By hellor00t, ago
hacking

Strategies of the Cyber Hunt

Definition of Cyber Hunting by our good friends at Wikipedia: "Cyber threat hunting is 'the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.' This is in contrast to traditional threat management measures, such as firewalls, intrusion detection systems (IDS), and SIEM Systems, which typically involve an investigation after there has been a warning of a potential threat or an incident has occurred." In short, hunting begins when traditional security methods fail. Teams are called upon to enter contested terrain and defeat attackers. This article discusses the high-level process of how a team would approach such a situation. In later articles we will step through each phase of an attack, discuss technical methods and use some open source tools as a demonstration. (more…)

By hellor00t, ago
blog

Goodbye 2017, Welcome 2018!

Thank you readers, community contributors, and supporters! We've had a busy year both on and off the keyboard and would be remiss to not give a recap of what we (not just the HM staff, but you too!) have accomplished! We have exciting projects in store for everyone in 2018 and are going to put our money where our mouth is by letting you all know what's coming! (more…)

By hellor00t, ago
hacking

Protectli 6-Vault Review – pfSense, ESXi, ELK

Homelabbers rejoice! In this review we are welcoming the Protectli 6 Port Vault to the home security hardware market. We have been in the market for something like this for a few months, and while researching several products we stumbled across a CPU requirement for pfSense version 2.5. This requires chipsets that support AES-NI, and even though pfSense 2.4 isn't out yet, we at Hackmethod always like to future-proof as much as possible. For full disclosure, we reached out to Brent at Protectli and asked when/if they would have hardware to support the AES-NI requirement. We were informed that they were working on a new line of products due for release in a few months and wanted to know if we would like to get our hands on one for review. That lands us here today with Protectli graciously providing the Hackmethod team with some hardware to test out. Thanks Brent! (more…)

By hellor00t, ago
roadmap

Linux File Structure

Overview

This lesson will not re-invent the wheel by teaching another Linux file structure lesson. There are many other articles that already discuss that topic in detail. What this lesson hopes to accomplish is to give the reader an understanding of why it is important to learn the Linux file structure from both offensive and defensive perspectives. (more…)

By hellor00t, ago
reviews

OSCP – Review and Tips

It's been about a week since I've fully recovered mentally and physically from my Offensive Security Certified Professional exam. A lot of people wonder (myself included) if they are ready to tackle OSCP. You'll often see people ask OSCP-credentialed individuals what their background is and how much effort they had to put into OSCP. So rather than give you the "this is how OSCP works" spiel, I'll aim to answer those questions! (more…)

By hellor00t, ago
blog

Company Update 01

Hey guys & gals, it's been a bit since we've had a tutorial or a blog post. Well, that's because we've been busy! As you can see, the site got yet another facelift, hopefully a change that uncluttered the site and is easier to navigate. We also added a forum and we are also doing monthly challenges inspired by the hard work of @incidrthreat! So what's on the horizon at Hackmethod? Well... lots of things! (more…)

By hellor00t, ago

Copyright 2018 Hackmethod LLC. All Rights Reserved.