Mar 7 · 4 min read · In this case study, I investigated a high-severity alert from the LetsDefend platform: SOC250 – APT35 HyperScrape Data Exfiltration Tool Detected This alert simulates activity associated with APT35, a
Mar 2 · 5 min read · A Real SOC Investigation | LetsDefend Walkthrough Today’s alert is a serious one: ⭐ SOC239 - Remote Code Execution Detected in Splunk Enterprise Whenever “RCE” appears in an alert title, the severity
Feb 28 · 4 min read · A Command Injection Investigation | LetsDefend SOC Lab Today’s alert immediately caught my attention: Whoami Command Detected in Request Body At first glance, it may look like a harmless Linux command
Feb 26 · 4 min read · Today, we’ll be investigating another LetsDefend SOC alert: SOC169 — Possible IDOR Attack Detected In this walkthrough, we’ll analyze how repeated web requests exposed a serious web application vulner
Feb 17 · 3 min read · ReactOOPS is a web-focused challenge that demonstrates how modern JavaScript frameworks can introduce critical backend vulnerabilities when misconfigured. In this walkthrough, we enumerate a Next.js application, identify a vulnerable React Server Com...
Feb 10 · 3 min read · This write-up follows the same format and structure as my previous articles, combining short theoretical questions with a practical walkthrough to demonstrate how a misconfigured MySQL/MariaDB service can expose sensitive data. Task 1 During our sca...