In this video, I set up Azure Sentinel (SIEM) and connect it to a live virtual machine acting as a honeypot. We will observe live attacks (RDP brute force) from all around the world. We will use a custom PowerShell script to look up the attackers' geolocation information and plot it on the Azure Sentinel map! LEARN THIS IN DEPTH AND PUT THIS ON YOUR RESUME!
▶ PowerShell Script for the Lab: [ Link ]
▶ Azure Trial: [ Link ]
▶ Sentinel Map Query:
FAILED_RDP_WITH_GEO_CL | summarize event_count=count() by sourcehost_CF, latitude_CF, longitude_CF, country_CF, label_CF, destinationhost_CF
| where destinationhost_CF != "samplehost"
| where sourcehost_CF != ""
0:00 Intro
2:01 Preview of Technical steps
4:48 Create Azure Subscription
5:10 Create Virtual Machine
6:35 Allow all in Firewall
7:40 Create Log Analytics Workspace
8:35 Enable gathering VM logs in Security Center
9:10 Connect Log Analytics to VM
9:40 Set up Azure Sentinel
10:15 Log into VM with Remote Desktop (fail 1 logon)
11:45 Observe Event Viewer Logs in VM
14:55 Turn off Windows Firewall on VM
16:20 Download PowerShell Script
17:25 Get Geolocation.io API Key
18:05 Run Script To get Geo Data from attackers
21:20 Create custom log in LAW to bring in our custom log
24:25 Create custom fields/extract fields from raw custom log data
34:05 Testing Extracts
35:50 Set up map in Sentinel with Latitude and Longitude (or country)
43:37 Fixing Map plot sizes
44:23 China Begins Attacking
45:15 Taiwan joins the attack
46:13 Philippines joins the attack
47:00 Russia + the rest of the world join in on the attack
48:50 Final check on map
49:55 Final Thoughts and takeaways
52:10 Outro
DISCLAIMER: This video description has some affiliate links and I may receive a small commission. I only share stuff that I use and believe in. Thanks so much for your support 🥺