Видео

Thank you for the video it was really helpful :)

Thank you

thank you a lot

I just want to say thank you. Out of the walkthroughs I've seen, yours are the easiest to follow and understand.

Thank you so much. You are an excellent teacher.

no longer useful

Thank You sir

Yeah this walkthrough doesn't work on the current version

Thank you! Still do not understand alot of it, but this helps.

1N5qMlh7AYXYzjxad*02

Remote desktop machine is not connecting

Please do more of log analysis using grep command❤❤❤

For the GIF rule you need to use the double content i guess alert tcp any any <> any any (msg: "GIF file detected"; content:"GIF87a"; fast_pattern; content:"GIF89a";sid:1000001; riv:1;)

Good content, volume is a bit low

gkape.exe .tkape Compound Targets .mkape bin KapeTriage !EZParser %d %m %d %m debug tlist cu 1C6F654E59A3B0C179D366AE&0 Z:\setup 11/25/2021 3:33 RunWallpaperSetup.cmd 11/30/2021 15:44 E

Ну вы и уебаны, могли бы оставить комментарии с ответами

lol i hat trouble with task 7 as well but how u spam the enter button is so funny :)

it would be good to know how to search for the answers instead of just preparing them and make a youtube video about it.

very helpful. Please just make the videos louder. Thank you!!! 😁

For task 4 with the PNG file, how did you know what to use for the content query? I've looked at three other guides and one of the first things they all say is "if you look at the wiki..." I know thr content filter needs to be there but how did you know what specific entry to use? There's no mention of it in the instructions and I can't seem to find anyone who can explain how they knew they needed to enter 89 50 4E etc in the content section of the rule. How did you know this was needed? Where and how did you pull this info? Please help.

thanks really nice walkthrough

Thank you

where you get the rules , its easy to copy and paste ??.. thanks for your videos'

terrible sound

thks😀

Thank you so much! :)

I also tried doing this lab independently and got the same number of events as you. I think its an issue with the lab.

Hi very good, it's possible to publish your note ?

Thank you. And the best way to solve this task is to log in your TryHackMe account within the Attackbox. Wireshark was actually not needed which is confusing.

good work denza. glad to see more people taking the time to make real-world tutorials. keep it up

I have been struggling understanding the Snort rule base and your video has helped massively. Thank you

Good Job.

Thanx bro..!

very helpful. thank you

TASK-9 alert icmp any any <> any any (msg: IP ID Found"); id:35369; sid: 100001; rev:1;) alert tcp any any <> any any (msg: TCP SYN Found"); Flags:S; sid: 100001; rev:1;) alert tcp any any <> any any (msg: TCP SYN Found"); Flags:PA; sid: 100001; rev:1;) alert tcp any any <> any any (msg: Same IP Found"); sameip; sid: 100001; rev:1;) alert udp any any <> any any (msg: Same IP Found"); sameip; sid: 100002; rev:2;)

Great video! You should do more. thank you very much.

CTRL+F command for search