24 Comments
Apr 22, 2023 · Liked by Eric Capuano

I'm currently going through SANS Bachelor's Program and I agree that the caliber of instruction is magnificent.

I'm sure it's fantastic. Jaw-droppingly, eye-wateringly, infuriatingly expensive, though, as is everything they offer. I'm clenching my jaw just thinking about it.

Hello Eric,

The SOC analyst series is excellent! I'm about halfway through it. I was wondering, for when I'm done, if I wanted to describe the things I did in it for my resume, what exactly would I say in those 2-3 lines? Thanks in advance!

-Andrew

Hey, got the same question as you. At the moment, I am going through this SOC analyst guide and if you get this reply, can you please answer your own question for future help?

Thanks

Hello Eric, do you have a class where you train folks from start to finish until they land the job? Thanks

author

Funny you should ask. I am working on just such a thing :) Stay tuned to the blog for updates.

Any updates on this?

author

It'll be a bit before we publish details, but we're targeting next year.

Have you published details yet?

author

Sorry, not yet for a live online course... We do have a couple related courses coming up though, one at Blackhat (closely related to this blog series content) and one at WWHF (threat hunting with Velociraptor).

https://www.blackhat.com/us-24/training/schedule/#advanced-security-operations-and-threat-hunting-37425

https://www.antisyphontraining.com/event/threat-hunting-incident-response-with-velociraptor-w-eric-capuano-whitney-champion-2/

Hello, I have a problem with downloading the Windows virtual machine. The link you provided says "Due to ongoing technical issues, as of October 23, 2024, downloads are temporarily unavailable." Would you be able to suggest any alternative?

Hi, I am having an issue when trying to generate the C2 payload. I keep getting an error "Failed to write to: /opt/sliver/Terrible_Gloves.exe". Any ideas?

author

Could be many things. Hard to say without more information. Is Sliver running as root?

Eric, sorry, I resolved this by restarting my Ubuntu VM. No issues now. Working on part 4 tonight after work!

Jul 22·edited Jul 22

Hey Eric! I hope you see this. Thank you for this lab, but I'm having trouble at the setup attack system step in part 1. I enter the command ssh user@[Linux_VM_IP] and then say yes to add it. But my password says permission denied. I've restarted the entire Ubuntu process twice and tried making a new pass but still no luck. I don't think I'm using the wrong IP address so idk what's wrong. Is it the Static IP with the /24 on it? Thanks!

Can this lab setup work on an M2 Mac Pro? Also, can I use VMware Fusion Pro 13 on macOS to set up this lab?

author

Sadly, no. The VMs used in this guide require x86/64 processors.

I have a Mac M1 and just wanted to know if this lab is possible to do with my system? I really want to do it, but unfortunately I don't have a Windows computer.

author

Sadly I do not think this lab will work on an M1... These VMs expect an x86/x64 processor.

So using Parallels won't work? Great post either way.

author

Correct. Even with Parallels, you can only virtualize ARM-based OSes, which these are not. That's not to say it can't be done with ARM OSes, but this guide doesn't follow those steps -- you'd have to venture out and give it a shot.

I'll give it a try. Thank you for responding.

It could be on a Linux host, I assume.

I was wondering this too. I assume it would work because I'm running the Linux version of VMware, but you never know.
