← RETURN TO BASE
Offensive Security

Log Analysis & Management

The art of reading the "Black Box" of systems.

INCLUDED IN:
SOC Operations & Incident Response

Operational Phase

01

Windows Event Logs

Understanding Security, System, and Application channels.

02

Linux Syslog

Reading /var/log/auth.log and journalctl.

03

Regex for Hunters

Writing regular expressions to find evil patterns.

04

Persistence Hunting

Finding scheduled tasks and registry run keys in logs.