Suspicious Base64 Commands SSH Brute Force, Python Credential Decode | LetsDefend SOC302
Day 127 of Becoming a SOC Analyst — SOC302 Suspicious Base64 Encoding/Decoding Commands Detected (True Positive — Active Intrusion)
Attacker from 143.244.44.163 (flagged malicious on both VT and AbuseIPDB as VPN infrastructure) brute-forced SSH on host Wilburn (172.16.17.74), authenticating as analyst at 06:44 AM. Post-access recon hunted for credential files via find / -type f -name *password* and find / -type f -name *important*, locating a base64-encoded credential store at /root/Documents/important — a Python one-liner decoded it to plaintext, revealing 10 IP/username/password pairs. Lateral movement risk confirmed high given the recovered credential list — all 10 credentials require immediate rotation.
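Detection logic for the chain summarised above, as an added example that is not from the video or from LetsDefend: it flags an SSH login accepted after repeated failures from the same source IP, then tags credential-file hunting and base64-decode commands. The log lines, the failure threshold, the rule names and the exact Python one-liner are constructed assumptions; only the IP, host, user, find commands and file path come from the summary.

```python
import re
from collections import defaultdict

# Constructed, simplified sample lines modelled on the case summary; not real log data.
AUTH_LOG = [
    "06:43:57 Wilburn sshd[811]: Failed password for analyst from 143.244.44.163 port 40112 ssh2",
    "06:43:58 Wilburn sshd[811]: Failed password for analyst from 143.244.44.163 port 40114 ssh2",
    "06:43:59 Wilburn sshd[811]: Failed password for analyst from 143.244.44.163 port 40116 ssh2",
    "06:44:00 Wilburn sshd[811]: Accepted password for analyst from 143.244.44.163 port 40118 ssh2",
    "06:50:12 Wilburn sshd[902]: Accepted password for backup from 172.16.17.10 port 51000 ssh2",
]
COMMANDS = [  # constructed command history; the python line is an assumed form of the one-liner
    "find / -type f -name *password*",
    "find / -type f -name *important*",
    "python3 -c \"import base64; print(base64.b64decode(open('/root/Documents/important').read()))\"",
    "ls -la /home/analyst",
]

SSH_RE = re.compile(r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) ")
# One rule per post-access behaviour named in the summary (rule names are hypothetical).
CMD_RULES = {
    "credential_file_hunt": re.compile(r"\bfind\s+/.*-i?name\s+\S*(password|important|cred|secret)", re.I),
    "base64_decode": re.compile(r"b64decode|base64\s+(-d|--decode)\b", re.I),
}

def brute_force_then_login(lines, threshold=3):
    """Return (ip, user, failures) for each login accepted after >= threshold failures from that IP."""
    failures, hits = defaultdict(int), []
    for line in lines:
        m = SSH_RE.search(line)
        if not m:
            continue
        outcome, user, ip = m.groups()
        if outcome == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            hits.append((ip, user, failures[ip]))
    return hits

def classify_commands(commands):
    """Return (rule_name, command) for every command that matches a rule."""
    return [(name, c) for c in commands for name, rx in CMD_RULES.items() if rx.search(c)]

if __name__ == "__main__":
    for hit in brute_force_then_login(AUTH_LOG):
        print("brute force followed by login:", hit)
    for name, cmd in classify_commands(COMMANDS):
        print(name, "->", cmd)
```

Correlating the two outputs on host and user within a short time window is what separates this pattern from an administrator who mistyped a password and later ran an unrelated base64 command.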
🔬 Analysis Reports
🦠 VirusTotal (143.244.44.163) → https://www.virustotal.com/gui/ip-address/143.244.44.163
🔍 AbuseIPDB (143.244.44.163) → https://www.abuseipdb.com/check/143.244.44.163?page=4
Scenario sourced from LetsDefend.io — one of the best hands-on SOC analyst training platforms out there.
Highly recommend if you're on the same path. I'm documenting every day of my journey to landing a Level 1 SOC Analyst role — the wins, the grinds, and everything in between.
🔵 What I Cover
Threat Detection · Alert Triage · SIEM Analysis · Log Analysis · Incident Response · Blue Team Tools
🚨 Open to Work — Seeking a Level 1 SOC Analyst role in Melbourne or Remote (AU)
📂 Portfolio → inksec.io
💼 LinkedIn → linkedin.com/in/tate-pannam-8b64b23a3
If you chose the red pill... 0x74617465.sh
#SOCAnalyst #BlueTeam #Cybersecurity #Base64 #CredentialAccess #SSHBruteForce #Python #UnsecuredCredentials #IncidentResponse #SIEM #Day127 #CyberSecurityJourney #Melbourne #LetsDefend #LetsDefendSOC #ThreatHunting #InfoSec #BlueTeamSecurity
Video "Suspicious Base64 Commands SSH Brute Force, Python Credential Decode | LetsDefend SOC302" from the InkSec channel
Video information
22 h 39 min ago
00:27:59