<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
<channel>
<title>SecurityNguyen Blog</title>
<link>https://tryhardnguyen.github.io/</link>
<description>Cybersecurity Blog filled with CTF Writeups, HomeLabs, Project</description>
<generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Thu, 25 May 2023 00:00:00 +0000</lastBuildDate>
<atom:link href="https://tryhardnguyen.github.io/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Reconnaissance (CKC) - Modern Cyber Range - Attacker PoV</title>
<link>https://tryhardnguyen.github.io/posts/recon/</link>
<pubDate>Thu, 25 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/recon/</guid>
<description><![CDATA[Types of Reconnaissance CKC = Cyber Kill Chain
Disclaimer: Everything is virtualized on the host computer. Fake simulations.
Passive Reconnaissance Definition: When you’re not engaging with the target to extract information. Examples of passive reconnaissance are Google dorking, whois, nslookup, and dig.
Passive reconnaissance usually cannot be easily detected, simply because you’re mimicking a visitor of a site.
This post won’t be covering it. Please refer to here if you want to get practice: https://tryhackme.]]></description>
</item>
<item>
<title>Story Background - Modern Cyber Range</title>
<link>https://tryhardnguyen.github.io/posts/storytelling/</link>
<pubDate>Thu, 25 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/storytelling/</guid>
<description><![CDATA[Character Company: SecurityNguyen
Ethan Sullivan - Hacker; Olivia Parker - Manager; Nguyen Nguyen - Security Analyst; Randy Moss - Employee. This story is based on an “imaginary company” named SecurityNguyen. SecurityNguyen has hired a Security Analyst named “Nguyen Nguyen (Win)” to be in charge of monitoring and securing the infrastructure. Little does Win know that there is a vulnerable web server in the company network. We have a person named “Ethan Sullivan” who is a noob hacker trying to improve his skills so that he can join an APT called “Bloody Zoombie”.]]></description>
</item>
<item>
<title>Testing Endpoint Detection - Windows</title>
<link>https://tryhardnguyen.github.io/posts/testing-endpoint-detection-windows/</link>
<pubDate>Wed, 24 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/testing-endpoint-detection-windows/</guid>
<description><![CDATA[Tools used:
Security Onion -> Elastic stack as the SIEM; Sysmon; Winlogbeat to ship Sysmon logs. As we can see from the Log Count by Node, the hostname of my client computer appears, which means that some logs are being shipped to Security Onion. Let’s try out a command and see if Sysmon is able to record it. The commands we will try are: ipconfig and tasklist /v]]></description>
</item>
<item>
<title>Create OU, GPO, Enable Logging within Windows Server</title>
<link>https://tryhardnguyen.github.io/posts/ou-gpo-cyberrange/</link>
<pubDate>Mon, 22 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/ou-gpo-cyberrange/</guid>
<description><![CDATA[Goal The goal of this post is to create an OU (Group) for our users and apply GPOs (Rules) to the Organizational Units. These GPOs will allow us to enable logging without having to manually configure each device one by one. Let’s get started.
Create an OU (Organizational Unit) First, let’s create an organizational unit (OU). To do this, we will go to Tools -> Right click on your domain and click on “New Organizational Unit”. Now type the name you want your organizational unit to be labeled with.]]></description>
</item>
<item>
<title>Test Scan on Metasploitable2</title>
<link>https://tryhardnguyen.github.io/posts/test-scan/</link>
<pubDate>Sun, 21 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/test-scan/</guid>
<description><![CDATA[Adding a Packet Sniffer To see the attacks that I carried out on my virtual machine, I installed Kali Linux Purple to be my sniffer.
Carrying out the Test Scan Before we carry out the attack, we need to do some preparations! First, we need to know if we can reach metasploitable. To find out this answer, we will use the ping command. Then, we can use the curl command to see if we can get the webpage of metasploitable. Looks like we can reach metasploitable just fine.]]></description>
</item>
<item>
<title>Configure Metasploitable3</title>
<link>https://tryhardnguyen.github.io/posts/metasploitable2/</link>
<pubDate>Thu, 18 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/metasploitable2/</guid>
<description><![CDATA[The problem When booted out of the box, Metasploitable does not have certain network configuration in place; for example, one network interface does not appear in ifconfig.
The goal My goal is to demonstrate how to add a network adapter and statically change the IP address so that it works with my cyber range. First, I will run sudo nano /etc/network/interfaces. Now, this is where all the magic happens. I’m going to add an eth1 for my additional adapter.]]></description>
</item>
<item>
<title>SecurityOnion - Modern Cyber Range</title>
<link>https://tryhardnguyen.github.io/posts/securityonion-modern-cyber-range/</link>
<pubDate>Thu, 18 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/securityonion-modern-cyber-range/</guid>
<description><![CDATA[Accessing the Security Onion Page This post is not going to cover the installation of Security Onion. There are a lot of YouTube videos covering installation, or reading the documentation will help.
Documentation: https://docs.securityonion.net/en/2.3/
Right now, I’m on my Win10 (Victim1) machine. I can access my Security Onion using http://192.168.40.3. Then, I’m going to enter the credentials that I created during the installation of my Security Onion. After that you will be greeted by the overview.]]></description>
</item>
<item>
<title>Creating a User Account with AD</title>
<link>https://tryhardnguyen.github.io/posts/creating-user-account-with-ad/</link>
<pubDate>Tue, 16 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/creating-user-account-with-ad/</guid>
<description><![CDATA[The start In the Server Manager -> Tools -> Active Directory Users and Computers -> Click on Users -> Right click New -> User.
Then it will ask you to fill in the blank with the user information. You can go to your random name generator to get your pretend users. Here is the link to the random name generator I used: https://randomwordgenerator[.]com/name[.]php
Then it will ask you to create a password for the user.]]></description>
</item>
<item>
<title>How to Domain Join - Windows Client</title>
<link>https://tryhardnguyen.github.io/posts/domain-join/</link>
<pubDate>Tue, 16 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/domain-join/</guid>
<description><![CDATA[Join the Computer to the Domain On the search bar, type “System” and click on the icon. You should have this GUI appear. Now, let’s click on “Advanced System Settings” -> “Computer Name” -> Then click “Change”.
For “Computer Name”, this is what will appear as our host_name. I’m going to name it “person1” so that it is easy to recognize. Then, we are going to click on the circle next to “Domain” and type in our domain name.]]></description>
</item>
<item>
<title>Configure pfsense firewall</title>
<link>https://tryhardnguyen.github.io/posts/cyberrange_firewall/</link>
<pubDate>Mon, 15 May 2023 00:00:00 +0000</pubDate>
<author>Nguyen Nguyen</author>
<guid>https://tryhardnguyen.github.io/posts/cyberrange_firewall/</guid>
<description><![CDATA[Since I already installed my pfsense, I just need to configure it. Looking at our Modern Cyber Range Diagram: 192.168.40.1 will have a static IP and will be our gateway to the internet. Then, our Windows Server will lease IP addresses from 192.168.40.2-192.168.40.254 to our workstation. All that is left is to implement it.
What I’m going to do is change the LAN to 192.168.40.1. I’m going to enter 2. The GUI will ask me "Enter the number of the interface you wish to configure"; since 1 is our WAN, 2 is LAN.]]></description>
</item>
</channel>
</rss>