Notes

HackTheBox SOC

Detecting Windows Attacks with Splunk
• Detecting Common User/Domain Recon
  <windows/> <splunk/> <soc/>
• Detecting Password Spraying
  <windows/> <splunk/> <soc/>
• Detecting Responder-like Attacks
  <windows/> <splunk/> <soc/>