@shreiya
shreiya
Jan 6 · 2 min read · 1. Report Information Incident ID: SOC-NET-SSH-001 Analyst: SOC L1 Analyst Date: 05-Jan-2026 Log Source: Network PCAP (Wireshark) Severity: Medium Status: Investigated 2. Executive Summary Multiple SSH connection attempts were detected target...
Dec 30, 2025 · 1 min read · IP Address | Incorrect Statement | Why It Is Incorrect | Correct Classification — 193.142.146.112 | Phishing & credential harvesting infra | Only SSH brute-force and port scanning seen. No phishing pages, kits, or campaigns. Activity is old. | Historical SSH brute-fo...
Dec 30, 2025 · 4 min read · Overview During the threat intelligence review phase, multiple IP addresses were initially described using generic, speculative, or incorrect threat labels. A detailed validation was performed using VirusTotal, AbuseIPDB, GreyNoise, and WHOIS/ASN anal...
Dec 29, 2025 · 4 min read · Index Report Information Executive Summary and Objectives Scope of Testing Lab Environment Setup Methodology Used Reconnaissance & Enumeration Network Scan Web Application Discovery Directory Enumeration Vulnerability Identification Expl...