Part 1: Linux auditd for Threat Detection [Part 1] Part 3: Linux auditd for Threat Detection [Final] Early 2022 I wrote part 1 of this “series” which received such positive response that I decided to do part 2. Enjoy. Recap & Introduction In part 1, we had an introduction to auditd and the…

Part 2: Linux auditd for Threat Detection [Part 2] A few years ago, I was asked to define an auditd configuration which would serve as the primary detection technology for a large organization. …

Introduction You’ve probably read a million articles talking about people’s OSCP experience and their tips to pass the exam. “Try harder”, “Enumerate enumerate enumerate”, “take regular breaks”, you must’ve read them all by now. Hence, this article will not be that. This is my first post and I thought I’d write…