I have extensive programming experience and a keen interest in Cyber Security, with a focus on security operations and data flow automation. I leverage my GitHub account to curate homelabs to simulate various security operations scenarios and test tools used in Security Operations Centres (SOCs). Additionally, whenever possible, I try to create some small snippets of content covering topics in systems administration, network administration, and cyber security. My certificates can be found here.
- Cyber Security Homelabs
- Cyber Security Standards Overview
- IT and Cyber Security Popular Certifications
- IT and Cyber Security Concepts
- Other Stuff
I have been exploring various homelabs featured in YouTube channels and blogs, focusing on topics like threat hunting (XDR), endpoint security (EDR), network security (IDS/IPS), and log monitoring (SIEM). I have been documenting step-by-step procedures for setting up these labs in a self-hosted, cost-free manner.
- Configured a Host-Only Network in VirtualBox with:
  - DHCP Server
  - Ubuntu Server (SOC Tools)
  - Debian (Web Server)
- Configured the following security tools on an Ubuntu Server VM:
  - Wazuh (SIEM/XDR)
  - Suricata (IDS/IPS)
  - TheHive (CMS)
  - Admyral (SOAR)
  - MISP (TI)
- Configured the following vulnerable web servers on a Debian VM:
  - DVWA
  - bWAPP
- Configured in VirtualBox an Internal Network with:
  - DHCP Server
  - Ubuntu Server (Elastic Host)
  - Windows 10 (Victim)
- Configured Elastic Stack 8 on Ubuntu Server:
  - Elastic Stack: Elasticsearch, Kibana (UI), and Elastic Agent + Integrations.
  - Integrations: Fleet Server, System, Windows, and Elastic Defend.
- Simulated two malicious tests on the Victim machine:
  - EICAR Malware Test.
  - MITRE ATT&CK Test with Red Team Automation (RTA).
- Configured in VirtualBox a NAT Network with:
  - DHCP Server and Host Gateway access.
  - Windows 11 (Target) with Windows Defender disabled, Sysmon and LimaCharlie sensor installed.
  - Ubuntu Server (Attack) with Sliver installed, a Command & Control (C2) framework by BishopFox.
- Generated in Sliver a C2 payload and executed the payload on the Target machine to start a Sliver C2 session on the Attack machine.
- Used the Sliver C2 session to perform two attacks on the Target machine:
  - LSASS access (credential-stealing attack).
  - Volume shadow copies deletion using the vssadmin Windows utility (used in ransomware attacks).
- Detection and response rules were created in the LimaCharlie platform to detect the two previous attacks and take action. The rules were tested by repeating the attacks.
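The detection logic behind those two rules, written here as an added example rather than the lab's own LimaCharlie rules: it runs over constructed Sysmon-style events (Event ID 1 process creation and Event ID 10 process access), flags vssadmin shadow copy deletion and non-allowlisted processes reading LSASS memory, and names the response action a rule would take. Field names, the allowlist and the sample events are assumptions.

```python
"""Detection rules for the two attacks above, over constructed Sysmon-like events.
Added example; field names and the allowlist are assumptions, not LimaCharlie's."""
from dataclasses import dataclass

# Constructed sample telemetry as it might be shipped from the Windows 11 target.
SAMPLE_EVENTS = [
    {"event_id": 1, "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin delete shadows /all /quiet", "user": "WIN11\\user"},
    {"event_id": 1, "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin list shadows", "user": "WIN11\\user"},  # benign
    {"event_id": 10, "source_image": r"C:\Users\user\Downloads\update.exe",
     "target_image": r"C:\Windows\system32\lsass.exe", "granted_access": "0x1010"},
    {"event_id": 10, "source_image": r"C:\Windows\System32\csrss.exe",
     "target_image": r"C:\Windows\system32\lsass.exe", "granted_access": "0x1400"},
    {"event_id": 1, "image": r"C:\Windows\System32\notepad.exe",
     "command_line": "notepad.exe notes.txt", "user": "WIN11\\user"},
]


@dataclass(frozen=True)
class Detection:
    rule: str
    technique: str   # MITRE ATT&CK technique id
    action: str      # the response a LimaCharlie-style rule would trigger
    evidence: str


# Processes that legitimately open LSASS on a workstation. Assumed, minimal
# allowlist; a real deployment tunes this against its own baseline.
LSASS_ALLOWLIST = {"csrss.exe", "wininit.exe", "services.exe", "lsm.exe", "svchost.exe"}
PROCESS_VM_READ = 0x0010   # access right needed to read credential material


def rule_shadow_copy_deletion(ev):
    """Event ID 1: vssadmin invoked with 'delete' and 'shadows' (ATT&CK T1490)."""
    if ev.get("event_id") != 1:
        return None
    image = ev.get("image", "").lower()
    cmd = ev.get("command_line", "").lower()
    if image.endswith("vssadmin.exe") and "delete" in cmd and "shadows" in cmd:
        return Detection("vssadmin shadow copy deletion", "T1490",
                         "kill process and isolate host", cmd)
    return None


def rule_lsass_access(ev):
    """Event ID 10: a non-allowlisted process opens lsass.exe with VM_READ
    (ATT&CK T1003.001). Access masks without VM_READ are ignored to cut noise."""
    if ev.get("event_id") != 10:
        return None
    target = ev.get("target_image", "").lower()
    if not target.endswith("\\lsass.exe"):
        return None
    source = ev.get("source_image", "").lower().rsplit("\\", 1)[-1]
    if source in LSASS_ALLOWLIST:
        return None
    try:
        access = int(ev.get("granted_access", "0"), 16)
    except ValueError:
        access = 0
    if access & PROCESS_VM_READ:
        return Detection("suspicious LSASS access", "T1003.001",
                         "kill source process and isolate host",
                         f"{source} -> lsass.exe ({hex(access)})")
    return None


RULES = (rule_shadow_copy_deletion, rule_lsass_access)


def run_rules(events):
    """Evaluate every rule against every event; return the detections in order."""
    hits = []
    for ev in events:
        for rule in RULES:
            d = rule(ev)
            if d:
                hits.append(d)
    return hits


if __name__ == "__main__":
    for d in run_rules(SAMPLE_EVENTS):
        print(f"[{d.technique}] {d.rule}: {d.evidence} -> {d.action}")
```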
- Snort network IDS mode configuration in Ubuntu Server.
- NMAP scan detection using Snort (NIDS):
  - NMAP Ping Scan, various TCP scans including SYN, Connect, NULL, FIN, and XMAS, as well as UDP Scans.
- Attack detection using Snort (NIDS):
  - SQL injection attacks using tools like WPSCan & WordPress and Burp Suite & SQLmap.
  - Backdoor attacks using Empire post-exploitation framework and Katana penetration test framework.
  - Rogue DHCP & Rogue Routing attacks.
  - ICMP Redirect attack.
- Microsoft Sentinel was used to monitor failed RDP login attempts from global attackers on an exposed Windows 10 virtual machine configured in Microsoft Azure.
- A custom log file (`failed_rdp.log`) was generated using a PowerShell script that extracts failed login events from the Security log in Event Viewer and forwards them to a third-party API to get geolocation data.
- A custom table (`FAILED_RDP_WITH_GEO_CL`) was created in a Log Analytics Workspace on Microsoft Azure using the generated log file (`failed_rdp.log`). Custom fields were extracted from the table using a Kusto Query Language (KQL) query.
- A workbook was created in Microsoft Sentinel using KQL to query data from the `FAILED_RDP_WITH_GEO_CL` table and display global attackers (RDP login failures) on a world map by physical location and magnitude (attack count).
Source: https://github.com/robsann/AzureSentinelSIEMAttackMap
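An offline model of that pipeline, added here as an example and not the project's own script or KQL: it parses constructed `failed_rdp.log` lines in an assumed key=value layout (the real file's format is not shown above), mirroring the custom-field extraction the KQL query performs, and aggregates failed logins per location, which is the magnitude the workbook plots. Field names and the RFC 5737 documentation addresses are assumptions.

```python
"""Parse failed_rdp.log records and aggregate them per geolocation for a map.
Added example; the key=value layout and field names are assumptions."""
import re
from collections import Counter

# Constructed sample log. One record per line; the fourth record shows a source
# for which the geolocation API returned nothing, the last line is garbage.
SAMPLE_LOG = """\
timestamp=2024-05-01T03:12:44Z,sourcehost=198.51.100.23,username=administrator,country=Brazil,latitude=-23.55,longitude=-46.63
timestamp=2024-05-01T03:12:51Z,sourcehost=198.51.100.23,username=admin,country=Brazil,latitude=-23.55,longitude=-46.63
timestamp=2024-05-01T03:13:02Z,sourcehost=203.0.113.9,username=Administrator,country=Germany,latitude=52.52,longitude=13.41
timestamp=2024-05-01T03:13:40Z,sourcehost=192.0.2.77,username=test,country=,latitude=,longitude=
timestamp=2024-05-01T03:14:05Z,sourcehost=198.51.100.23,username=root,country=Brazil,latitude=-23.55,longitude=-46.63
this line is not a log record
"""

# Named groups play the role of the custom fields extracted with KQL.
FIELD_RE = re.compile(
    r"timestamp=(?P<timestamp>[^,]*),sourcehost=(?P<sourcehost>[^,]*),"
    r"username=(?P<username>[^,]*),country=(?P<country>[^,]*),"
    r"latitude=(?P<latitude>[^,]*),longitude=(?P<longitude>[^,]*)$"
)


def parse_failed_rdp(text):
    """Return one dict per well-formed record; malformed lines are dropped."""
    records = []
    for line in text.splitlines():
        m = FIELD_RE.match(line.strip())
        if m:
            records.append(m.groupdict())
    return records


def _located(r):
    return bool(r["country"] and r["latitude"] and r["longitude"])


def attack_map_points(records):
    """(country, lat, lon, count) tuples sorted by magnitude, i.e. what the
    workbook's summarize count() by location step produces for the map.
    Records without a geolocation are skipped rather than plotted at (0, 0)."""
    counter = Counter()
    for r in records:
        if not _located(r):
            continue
        counter[(r["country"], float(r["latitude"]), float(r["longitude"]))] += 1
    return [(c, lat, lon, n) for (c, lat, lon), n in counter.most_common()]


def unlocated_sources(records):
    """Source IPs whose geolocation lookup failed, so they can be retried or reviewed."""
    return sorted({r["sourcehost"] for r in records if not _located(r)})


if __name__ == "__main__":
    recs = parse_failed_rdp(SAMPLE_LOG)
    for country, lat, lon, n in attack_map_points(recs):
        print(f"{country:10} ({lat:7.2f}, {lon:7.2f})  failed logins: {n}")
    print("no location:", unlocated_sources(recs))
```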
Standards in cyber security are guidelines and best practices that organizations follow to protect their systems, networks, and data from cyber threats. These standards help ensure that security measures are consistently implemented and maintained, improving overall security posture.
- The NIST Cybersecurity Framework (CSF) 2.0 is a set of guidelines and best practices for managing cyber security risks.
- It provides a common language for organizations to communicate about cyber security and assess their current cyber security posture.
- The framework helps organizations identify, protect, detect, respond to, and recover from cyber security threats.
- It is a flexible and customizable tool that can be adapted to meet the specific needs of different organizations.
1. Cybersecurity Framework (CSF) Overview
2. Introduction to the CSF Core
3. Introduction to CSF Profiles and Tiers
4. Introduction to Online Resources That Supplement the CSF
5. Improving Cybersecurity Risk Communication and Integration
- NIST SP 800-12 Rev. 1 is a publication that serves as an introduction to information security.
- It provides guidance on understanding the importance of information security, the risks and threats that organizations face, and the best practices for protecting information assets.
- The document covers topics such as security policies, risk management, security controls, and incident response.
- It is designed to help organizations establish a strong foundation for their information security programs and ensure the confidentiality, integrity, and availability of their data and systems.
1. Introduction
2. Elements of Information Security
3. Roles and Responsibilities
4. Threats and Vulnerabilities: A Brief Overview
5. Information Security Policy
6. Information Security Risk Management
7. Assurance
8. Security Considerations in System Support and Operations
9. Cryptography
10. Control Families
- NIST SP 800-37 Rev. 2 is a publication that outlines a structured approach to managing risks associated with information systems and organizations.
- The framework provides a systematic process for identifying, assessing, and responding to risks, with the goal of protecting critical assets and ensuring the confidentiality, integrity, and availability of information.
- It emphasizes continuous monitoring and improvement, as well as collaboration between stakeholders to effectively manage and mitigate risks.
- The framework is designed to be flexible and scalable, making it applicable to organizations of all sizes and industries.
1. Introduction
2. The Fundamentals
3. The Process
- NIST SP 800-53 Rev. 5 is a publication that provides a comprehensive set of security and privacy controls for information systems and organizations.
- These controls are designed to help organizations protect their sensitive information and systems from various threats, including cyber attacks, data breaches, and unauthorized access.
- The publication outlines a framework for implementing security and privacy measures, including policies, procedures, and technical safeguards, to ensure the confidentiality, integrity, and availability of information.
- It is widely used by government agencies, private sector organizations, and other entities to enhance their cyber security posture and compliance with regulations.
1. Introduction
2. The Fundamentals
3. The Controls
- NIST SP 800-61 Rev 2 is a comprehensive guide to help organizations effectively respond to and manage computer security incidents.
- It provides a structured approach for handling incidents, including preparation, detection, analysis, containment, eradication, recovery, and post-incident activities.
- The guide outlines best practices for incident response, including establishing an incident response team, creating incident response policies and procedures, and conducting post-incident reviews to improve future incident handling.
- By following the guidelines outlined in NIST SP 800-61 Rev 2, organizations can better protect their systems and data from cyber threats.
Executive Summary
1. Introduction
2. Organizing a Computer Security Incident Response Capability
3. Handling an Incident
4. Coordination and Information Sharing
- NIST SP 800-63-3 is a set of guidelines created to help organizations improve the security and usability of digital identity systems.
- The guidelines provide recommendations for identity proofing, authentication, and lifecycle management, with a focus on protecting against identity theft and fraud.
- By following these guidelines, organizations can enhance the security of their digital systems and better protect the privacy and security of their users' identities.
1. Purpose
2. Introduction
3. Definitions and Abbreviations
4. Digital Identity Model
5. Digital Identity Risk Management
6. Selecting Assurance Levels
7. Federation Considerations
8. References
- NIST SP 800-82 Rev. 3 is a guide developed to help organizations secure their Operational Technology (OT) systems.
- It provides recommendations and best practices for protecting OT systems, which are used to monitor and control physical processes in industries such as manufacturing, energy, and transportation.
- The guide covers topics such as risk management, access control, network security, and incident response, helping organizations to identify and mitigate potential threats to their OT systems and ensure the reliability and safety of their operations.
1. Introduction
2. OT Overview
3. OT Cybersecurity Program Development
4. Risk Management for OT Systems
5. OT Cybersecurity Architecture
6. Applying the Cybersecurity Framework to OT
- NIST SP 800-115 is a technical guide that provides organizations with guidance on conducting information security testing and assessments.
- The document outlines best practices for evaluating the effectiveness of security controls, identifying vulnerabilities, and assessing the overall security posture of an organization's systems and networks.
- It covers various testing methodologies, tools, and techniques that can be used to assess the security of an organization's information systems.
- The guide aims to help organizations improve their security posture and protect their sensitive information from cyber threats.
Executive Summary
1. Introduction
2. Security Testing and Examination Overview
3. Review Techniques
4. Target Identification and Analysis Techniques
5. Target Vulnerability Validation Techniques
6. Security Assessment Planning
7. Security Assessment Execution
8. Post-Testing Activities
- ISO/IEC 27001 is an internationally recognized standard that outlines the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).
- The ISMS is a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability.
- By implementing ISO/IEC 27001, organizations can identify and mitigate information security risks, comply with legal and regulatory requirements, and demonstrate their commitment to protecting data.
- This standard helps organizations build a culture of security, improve their reputation, and enhance customer trust.
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement
- ISO/IEC 27002 is a globally recognized standard that provides guidelines and best practices for implementing information security controls within an organization.
- It covers a wide range of security topics, including risk assessment, access control, cryptography, incident management, and compliance.
- The standard helps organizations establish a comprehensive framework for protecting their information assets and managing security risks effectively.
- By following the recommendations outlined in ISO/IEC 27002, organizations can improve their overall security posture, enhance their resilience to cyber threats, and demonstrate their commitment to safeguarding sensitive information.
1. Scope
2. Normative references
3. Terms, definitions and abbreviated terms
4. Structure of this document
5. Organizational controls
6. People controls
7. Physical controls
8. Technological controls
- ISO/IEC 27005 is a standard that provides guidelines for implementing an effective information security risk management process.
- It helps organizations identify, assess, and manage risks to their information assets.
- The standard outlines a systematic approach to risk management, including risk assessment, risk treatment, and risk monitoring and review.
- By following the principles and guidelines set forth in ISO/IEC 27005, organizations can better protect their sensitive information from threats and vulnerabilities, ensuring the confidentiality, integrity, and availability of their data.
- This standard is essential for organizations looking to establish a robust information security risk management framework.
1. Scope
2. Normative references
3. Terms and definitions
4. Structure of this document
5. Information security risk management
6. Context establishment
7. Information security risk assessment process
8. Information security risk treatment process
9. Operation
10. Leveraging related ISMS processes
- ISO/IEC 27017 is a code of practice that provides guidelines for implementing information security controls in cloud services.
- It outlines specific security measures that cloud service providers should implement to protect the confidentiality, integrity, and availability of data stored in the cloud.
- The standard covers areas such as data encryption, access control, incident response, and compliance with legal and regulatory requirements.
- By following the guidelines outlined in ISO/IEC 27017, organizations can ensure that their data is secure and protected when using cloud services.
1. Scope
2. Normative references
3. Definitions and abbreviations
4. Cloud sector-specific concepts
5. Information security policies
6. Organization of information security
7. Human resource security
8. Asset management
9. Access control
10. Cryptography
11. Physical and environmental security
12. Operations security
13. Communications security
14. System acquisition, development and maintenance
15. Supplier relationships
16. Information security incident management
17. Information security aspects of business continuity management
18. Compliance
- ISO/IEC 27018 is a code of practice that provides guidelines for protecting personal data in the cloud.
- It outlines specific controls and measures that cloud service providers should implement to ensure the privacy and security of personal information stored in the cloud.
- This standard addresses issues such as data encryption, data retention, data access controls, and transparency in data processing.
- By following the guidelines set forth in ISO/IEC 27018, organizations can demonstrate their commitment to protecting personal data and build trust with their customers regarding the handling of their sensitive information in the cloud.
1. Scope
2. Normative references
3. Terms and definitions
4. Overview
5. Information security policies
6. Organization of information security
7. Human resource security
8. Asset management
9. Access control
10. Cryptography
11. Physical and environmental security
12. Operations security
13. Communications security
14. System acquisition, development and maintenance
15. Supplier relationships
16. Information security incident management
17. Information security aspects of business continuity management
18. Compliance
- ISO/IEC 27701 is a standard that provides guidelines for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).
- It is an extension to the ISO/IEC 27001 standard, focusing specifically on privacy management within an organization.
- The standard helps organizations to identify and manage privacy risks, comply with privacy regulations, and build trust with stakeholders by demonstrating a commitment to protecting personal information.
- By implementing ISO/IEC 27701, organizations can enhance their privacy practices, improve data protection measures, and ensure the confidentiality, integrity, and availability of personal information.
1. Scope
2. Normative references
3. Terms, definitions and abbreviations
4. General
5. PIMS-specific requirements related to ISO/IEC 27001
6. PIMS-specific guidance related to ISO/IEC 27002
7. Additional ISO/IEC 27002 guidance for PII controllers
8. Additional ISO/IEC 27002 guidance for PII processors
A brief overview of popular CompTIA certifications, with mind maps detailing exam domains and links to related YouTube resources, is provided here. This includes System Administration and Network Administration certifications such as CompTIA A+, CompTIA Linux+, and CompTIA Network+, as well as Cyber Security certifications like CompTIA Security+ and CompTIA CySA+. You can access these mind maps in high-resolution PDF format on Dropbox by clicking on the images.
CompTIA A+ Core 2 (220-1102) Objectives - CompTIA link
The CompTIA A+ Core 2 certification objectives cover advanced troubleshooting, operating systems, security, and software troubleshooting. It includes topics like hardware, networking, mobile devices, virtualization, and cloud computing. Candidates are tested on their ability to secure and manage various devices and technologies, ensuring comprehensive IT skills and knowledge. CompTIA A+ Core 2 demonstrates proficiency in essential IT areas.
- 1.0 Operating Systems
- 2.0 Security
- 3.0 Software Troubleshooting
- 4.0 Operational Procedures
Professor Messer CompTIA A+ Core 2 (220-1102) course - YouTube Link
CompTIA Linux+ (XK0-005) Objectives - CompTIA link
The CompTIA Linux+ certification validates essential skills in Linux system administration and operation. Covering topics such as system architecture, Linux installation, package management, command line usage, file permissions, and security, this certification ensures proficiency in managing Linux-based systems. Candidates learn troubleshooting, scripting, and networking in a Linux environment, making them well-equipped for various IT roles requiring Linux expertise. Achieving CompTIA Linux+ certification demonstrates a thorough understanding of Linux systems.
- 1.0 System Management
- 2.0 Security
- 3.0 Scripting, Containers, and Automation
- 4.0 Troubleshooting
Shawn Powers' CompTIA Linux+ (XK0-005) prep (in progress) - YouTube Link
CompTIA Network+ (N10-008) Objectives - CompTIA link
The CompTIA Network+ certification validates essential skills in networking, covering topics such as network architecture, security, troubleshooting, and cloud technologies. Candidates learn to design and implement functional networks, configure network devices, and manage network security protocols. The certification also emphasizes practical skills in areas like network installation, configuration, and diagnostics, ensuring proficiency in both wired and wireless networks. Overall, CompTIA Network+ certification demonstrates expertise in network administration.
- 1.0 Networking Fundamentals
- 2.0 Network Implementations
- 3.0 Network Operations
- 4.0 Network Security
- 5.0 Network Troubleshooting
Professor Messer CompTIA Network+ (N10-008) course - YouTube Link
CompTIA Security+ (SY0-501) Objectives - CompTIA link
The CompTIA Security+ certification objectives cover essential topics in cyber security, including network security, threats and vulnerabilities, access control, identity management, cryptography, and risk management. It also emphasizes security compliance, incident response, and security architecture. Successfully mastering these objectives demonstrates proficiency in securing IT systems.
- 1.0 Threats, Attacks and Vulnerabilities
- 2.0 Technologies and Tools
- 3.0 Architecture and Design
- 4.0 Identity and Access Management
- 5.0 Risk Management
- 6.0 Cryptography and PKI
Professor Messer's CompTIA Security+ (SY0-501) course - YouTube Link
CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Objectives - CompTIA link
The CompTIA Cybersecurity Analyst (CySA+) certification focuses on identifying and responding to security threats and vulnerabilities in a cyber security context. CySA+ certified professionals demonstrate skills in threat detection, analysis, and response using various tools and techniques. They are proficient in analysing data to identify vulnerabilities, threats, and risks to an organization's information systems. CySA+ certification validates expertise in cyber security operations, enhancing an individual's ability to protect and secure organizational assets against cyber threats.
- 1.0 Security Operations
- 2.0 Vulnerability Management
- 3.0 Incident Response and Management
- 4.0 Reporting and Communication
Cyber Security Domains from 2021 (credits to MyDFIR)
Mind map from 2021 that provides a comprehensive overview of the various domains within cyber security.
- LetsDefend: Hands-on security operations training with alert addressing on simulated SOC environment.
- CyberDefenders: A blue team training platform.
- TryHackMe: Hands-on cyber security training with offensive and defensive paths.
- HackTheBox: Hands-on cyber security training with offensive and defensive paths.
Below are brief descriptions accompanied by images to help illustrate popular concepts in IT and Cyber Security.
The Linux File System is a hierarchical structure that organizes and stores files on a Linux system. It uses a tree-like directory structure, starting with the root directory ("/"), with directories and files arranged systematically to facilitate efficient file management and access.
Linux File Permissions dictate the access level of users (owner, group, and others) to files and directories. They are represented by read, write, and execute permissions, providing control over file security and user interactions.
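A worked model of that permission check, added here as an example rather than anything from the page: it converts an `ls -l` style mode string to its octal form and decides what a user may do with a file the way the kernel's discretionary check does, consulting only the first matching class (owner, then group, then others). The sample file, users and groups are constructed; setuid/setgid/sticky bits and root's override of permission bits are left out.

```python
"""Symbolic mode parsing and the owner/group/other access decision.
Added example; file entries and users below are constructed."""
from dataclasses import dataclass, field

# Offset of each class's rwx triplet inside a 10-character mode string.
CLASS_OFFSETS = {"owner": 1, "group": 4, "other": 7}
ACTION_INDEX = {"read": 0, "write": 1, "execute": 2}


@dataclass
class FileEntry:
    mode: str    # e.g. "-rwxr-x---" as printed by ls -l
    owner: str
    group: str


@dataclass
class User:
    name: str
    groups: frozenset = field(default_factory=frozenset)


def mode_to_octal(mode):
    """'-rwxr-x---' -> '750'. Only plain rwx bits are accepted; the
    setuid/setgid/sticky letters (s, S, t, T) are rejected as out of scope."""
    if len(mode) != 10 or any(c not in "rwx-" for c in mode[1:]):
        raise ValueError(f"not a plain mode string: {mode!r}")
    digits = ""
    for offset in CLASS_OFFSETS.values():
        r, w, x = mode[offset:offset + 3]
        digits += str((r == "r") * 4 + (w == "w") * 2 + (x == "x"))
    return digits


def permission_class(entry, user):
    """The single class that applies: owner wins, then group, then other."""
    if user.name == entry.owner:
        return "owner"
    if entry.group in user.groups:
        return "group"
    return "other"


def can(entry, user, action):
    """True if `user` may read/write/execute `entry`. Only the matching class
    is consulted, so an owner with '---' owner bits is denied even when the
    group or other bits would allow the action."""
    offset = CLASS_OFFSETS[permission_class(entry, user)]
    return entry.mode[offset + ACTION_INDEX[action]] != "-"


# Constructed sample: a deploy script owned by root, group 'ops'.
SCRIPT = FileEntry("-rwxr-x---", "root", "ops")
ROOT = User("root", frozenset({"root"}))
OPS_USER = User("alice", frozenset({"alice", "ops"}))
OUTSIDER = User("bob", frozenset({"bob"}))

if __name__ == "__main__":
    print(SCRIPT.mode, "=", mode_to_octal(SCRIPT.mode))
    for u in (ROOT, OPS_USER, OUTSIDER):
        allowed = [a for a in ACTION_INDEX if can(SCRIPT, u, a)]
        print(f"{u.name:6} ({permission_class(SCRIPT, u)}): {allowed}")
```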
Linux commands help users navigate the file system, interact with the files, and administer the entire system using the command line interface.
Note: Use the `man` command to display the manual page for other commands (e.g., `man ls`), providing detailed documentation and usage instructions, or use the `--help` option (e.g., `ls --help`) for a quick overview of the command options.
- Configuration files (/etc/) store system-wide settings, preferences, and configurations for various applications, facilitating centralized management.
- System Info files (/proc/) provide a virtual file system exposing kernel and process information, allowing dynamic access to real-time system details and parameters.
- Log files (/var/log/) store system and application logs, aiding in troubleshooting by capturing events, errors, and diagnostic information for analysis and monitoring.
The Open Systems Interconnection (OSI) model is a conceptual framework used to describe how network communications work. The OSI model characterizes computing functions into a universal set of rules and requirements in order to support interoperability between different products and software.
TCP (Transmission Control Protocol) is a connection-oriented and reliable transport layer protocol, that ensures data integrity and ordered delivery. UDP (User Datagram Protocol) is a connectionless and lightweight transport layer protocol that sacrifices reliability for reduced latency, making it suitable for real-time applications where occasional data loss is acceptable.
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on IP networks that, in 4 steps, automatically assigns IP addresses and other communication parameters to devices connected to the network using a client-server architecture.
The Domain Name System (DNS) is a naming database that translates human-readable domain names (e.g., www.example.com) to machine-readable IP addresses (e.g., 93.184.216.34) used for device communication. If the website is not cached, the DNS resolver will query Root Servers, Top-Level Domain (TLD) Servers, and Authoritative Nameservers to retrieve the IP address.
The CIA Triad is a fundamental concept in information security, representing the core principles of Confidentiality (ensuring data privacy), Integrity (maintaining data accuracy and trustworthiness), and Availability (ensuring data accessibility). These principles guide security measures and strategies to protect information assets in various computing environments.
The Cyber Kill Chain is a framework outlining the stages of a cyber attack, from initial reconnaissance to achieving the attacker's objectives, providing a structured approach for understanding, analysing, and defending against advanced cyber threats.
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base that catalogues and describes the tactics, techniques, and procedures used by cyber adversaries. It provides a comprehensive framework for understanding and analysing the full spectrum of cyber threats, aiding organizations in improving their detection, defence, and response capabilities.
The Pyramid of Pain is a conceptual framework in cyber security that categorizes indicators of compromise (IOCs) in six levels based on the difficulty for adversaries to change or evade detection. The pyramid is structured in ascending order of difficulty, as illustrated below:
Security Operations Center (SOC) technologies encompass a range of tools designed to monitor, analyse, and respond to cyber security threats. These include SIEM for log analysis, EDR for endpoint protection, SOAR for orchestration, and other solutions that collectively fortify an organization's cyber security posture.
The NIST Incident Response Framework provides a systematic approach for organizations to prepare for, detect, respond to, and recover from cyber security incidents. It guides the development of robust incident response capabilities through a four-phase process: preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity.
The SANS Incident Response Framework provides a structured approach for organizations to effectively respond to cyber security incidents, comprising six key phases: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned. It guides the development of robust incident response capabilities to detect, mitigate, and recover from security incidents.
Below are some helpful shell scripts, instructions for installing tools, and other miscellaneous resources.
This script utilizes the `ps` command to display the top n processes based on CPU and memory usage. You can access the script by clicking here.
This script utilizes the `ss` and `ps` commands to show the listening ports along with the corresponding process and user names, as well as the PID number. You can access the script by clicking here.
This script utilizes Nmap to retrieve the IP addresses and MAC addresses of devices connected to the network, then compiles them into a table. You can access the script by clicking here.
Zabbix is an open-source monitoring software tool used for monitoring the performance and availability of servers, network devices, and other IT infrastructure components. It provides real-time monitoring, alerting, and visualization features to help IT teams identify and resolve issues quickly. Zabbix can monitor a wide range of devices and applications, making it a versatile tool for managing and maintaining IT systems.
The procedure for the Zabbix installation can be found here.
I wrote a suggestion to address the issue related to `bytes` and `str` types when running the AutoBlue MS17-010 exploit on Python 3, which was originally developed for Python 2. You can access the suggestions by clicking here.