I'm currently going through SANS Bachelor's Program and I agree that the caliber of instruction is magnificent.
I'm sure it's fantastic. Jaw-droppingly, eye-wateringly, infuriatingly expensive, though, as is everything they offer. I'm clenching my jaw just thinking about it.
Hello, I have a problem with downloading the Windows virtual machine, the link you provided says "Due to ongoing technical issues, as of October 23, 2024, downloads are temporarily unavailable.". Would you be able to suggest any alternative?
Hello Eric,
The SOC analyst series is excellent! I'm about halfway through it. I was wondering, for when I'm done, if I wanted to describe the things I did in it for my resume, what exactly would I say in those 2-3 lines? Thanks in advance!
-Andrew
Hey, got the same question as you. At the moment, I am going through this SOC analyst guide, and if you get this reply, can you please answer your own question for future help?
Thanks
Hello Eric, Do you have a class where you train folks from start to finish until they land the job? Thanks
Funny you should ask. I am working on just such a thing :) Stay tuned to the blog for updates.
Any updates on this?
It'll be a bit before we publish details, but we're targeting next year.
Have you published details yet?
Sorry, not yet for a live online course... We do have a couple related courses coming up though, one at Blackhat (closely related to this blog series content) and one at WWHF (threat hunting with Velociraptor).
https://www.blackhat.com/us-24/training/schedule/#advanced-security-operations-and-threat-hunting-37425
https://www.antisyphontraining.com/event/threat-hunting-incident-response-with-velociraptor-w-eric-capuano-whitney-champion-2/
Nice guide!!
Nice guide!
What happened to the links? Started this yesterday and the links to parts 1-6 are gone.
See the update at the top of the intro. I made the difficult decision to deprecate this version of the guide as it was becoming difficult to maintain and support two versions. Screenshots were outdated, some commands no longer worked, Microsoft discontinued their development VM, VMware challenges, etc. It’s been a long time coming, sorry that you were in the middle of it. The new version is updated, cloud hosted, and eliminates all the issues folks were having with the original.
no prob thanks for the response and your work man. will give the new version a go!
Thanks for this informative blog! It's really helpful for anyone looking to pursue a career as a SOC Analyst. https://jobsnidhi.com/
Hi, I am having an issue when trying to generate the C2 payload. I keep getting an error "Failed to write to: /opt/sliver/Terrible_Gloves.exe" any ideas?
Could be many things. Hard to say without more information. Is Sliver running as root?
Eric sorry, I resolved this by restarting my Ubuntu VM. No issues now. Working on part 4 tonight after work!
Hey Eric! I hope you see this. Thank you for this lab but I'm having trouble at the setup attack system step in part 1. I enter the command ssh user@[Linux_VM_IP] and then say yes to add it. But my password says permission denied. I've restarted the entire Ubuntu process twice and tried making a new pass but still no luck. I don't think I'm using the wrong IP address so idk what's wrong. Is it the Static IP with the /24 on it? Thanks!
Can this lab setup work on an M2 Mac Pro? Also, can I use VMware Fusion Pro 13 on macOS to set up this lab?
Sadly, no. The VMs used in this guide require x86/64 processors.
I have a mac M1 and just wanted to know if this lab is possible to do with my system? I really want to do it, but unfortunately I don't have a windows computer.
Sadly I do not think this lab will work on an M1... These VMs expect an x86/x64 processor.
So using Parallels won't work? Great post either way.
Correct. Even with Parallels, you can only virtualize ARM-based OSes, which these are not. That's not to say it can't be done with ARM OSes, but this guide doesn't follow those steps -- you'd have to venture out and give it a shot.
I'll give it a try. Thank you for responding.
It could be on a Linux host, I assume.
I was wondering this too. I assume it would work because I'm running the Linux version of VMware, but you never know.