dkshahzohaib/tryhackme-fakebank-splunk-botsv3-lab
GitHub: dkshahzohaib/tryhackme-fakebank-splunk-botsv3-lab
A hands-on cybersecurity learning project that combines a TryHackMe attack target with Splunk BOTS v3 log analysis, helping beginners understand the SOC workflow from both the offensive and defensive perspectives.
Stars: 0 | Forks: 0
🔥 GitHub Repository (README.md)
You can name your repository:
👉 tryhackme-fakebank-splunk-botsv3-lab
📄 README.md
# 🛡️ TryHackMe FakeBank + Splunk BOTS v3 SOC Analysis
This project documents my hands-on experience combining **offensive security (the TryHackMe FakeBank lab)** with **defensive security using the Splunk BOTS v3 dataset**.
## 🚀 Objectives
- Perform web enumeration with Gobuster
- Discover hidden directories on the target machine
- Simulate attacker behaviour
- Analyse real logs in Splunk (BOTS v3 dataset)
- Understand the SOC investigation workflow
## 🧰 Tools & Technologies
- Kali Linux
- Gobuster
- TryHackMe (FakeBank Lab)
- Splunk Enterprise
- BOTS v3 Dataset
- Linux CLI
## ⚔️ Part 1: Offensive Security (FakeBank Lab)
### 🔍 Commands Used
```
gobuster dir -u http://fakebank.thm -w wordlist.txt
```
### 📌 Findings
- `/images` → Redirect (301)
- `/bank-transfer` → Accessible (200)
### 💡 Key Learning
- Directory brute-forcing uncovers endpoints that are never linked from the site itself
- HTTP status codes separate real paths from misses: the 301 on `/images` is the server redirecting to `/images/`, which confirms the directory exists; the 200 on `/bank-transfer` means the server returned content for that path; 404s are dropped as noise
- Real-world attackers use the same technique, so the request pattern it produces (many requests from one client, most of them answered with 404) is exactly what a defender should look for
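As an added example (not code from this README or from the gobuster project), here is a minimal directory enumerator in Python that reproduces what the command above reports: it requests each wordlist entry under the base URL without following redirects, so a 301 is reported as a 301 rather than as whatever the redirect target returns, and keeps only the status codes that indicate a live path. The host `fakebank.thm`, the five-entry sample wordlist and the canned responses are constructed so the script runs offline; leaving `fetch` at its default `http_status` runs it against a real target you are authorised to test.

```python
"""Minimal directory brute-forcer that reports what `gobuster dir` reports.

Added example: not code from this README or from the gobuster project.
Assumptions: the host fakebank.thm, the sample wordlist and the canned
responses below are constructed so the script can run offline.
"""
import urllib.error
import urllib.parse
import urllib.request
from typing import Callable, Dict, Iterable, List, Optional, Tuple

# Constructed stand-in for wordlist.txt (a real run reads a file; see load_wordlist()).
SAMPLE_WORDLIST = ["images", "bank-transfer", "admin", "login", "backup"]

# Constructed responses for the offline run; the first two mirror the
# README findings, /admin is added to show how a 403 is reported.
CANNED_RESPONSES: Dict[str, int] = {
    "/images": 301,         # directory exists; server redirects to /images/
    "/bank-transfer": 200,  # content served at this path
    "/admin": 403,          # exists but forbidden: still a finding
}

# Status codes treated as "path exists" (the classic positive set gobuster uses).
INTERESTING = (200, 204, 301, 302, 307, 401, 403)


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse to follow 3xx so a 301 surfaces as an HTTPError with code 301
    instead of the status of the redirect target."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def http_status(url: str, timeout: float = 5.0) -> Optional[int]:
    """Return the HTTP status for url, or None if the request itself failed."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, headers={"User-Agent": "dirbrute-example/0.1"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as e:
        return e.code  # 3xx (because of _NoRedirect), 4xx and 5xx land here
    except urllib.error.URLError:
        return None  # DNS failure, connection refused, timeout


def canned_status(url: str) -> Optional[int]:
    """Offline stand-in for http_status(): answers from CANNED_RESPONSES."""
    path = urllib.parse.urlsplit(url).path or "/"
    return CANNED_RESPONSES.get(path, 404)


def load_wordlist(path: str) -> List[str]:
    """Read one candidate per line, skipping blank lines and '#' comments."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return [w.strip() for w in fh if w.strip() and not w.startswith("#")]


def enumerate_dirs(base_url: str, words: Iterable[str],
                   fetch: Callable[[str], Optional[int]] = http_status,
                   interesting: Tuple[int, ...] = INTERESTING) -> List[Tuple[str, int]]:
    """Request base_url/<word> for each word and return (path, status) for
    every response whose status is in `interesting`. 404s and failed
    requests (status None) are dropped, which is the filtering gobuster does."""
    base = base_url.rstrip("/")
    hits: List[Tuple[str, int]] = []
    for word in words:
        path = "/" + word.strip().lstrip("/")
        status = fetch(base + path)
        if status in interesting:
            hits.append((path, status))
    return hits


def format_findings(hits: List[Tuple[str, int]]) -> List[str]:
    """Render hits in the same shape as the Findings list above."""
    labels = {200: "Accessible", 204: "Accessible", 301: "Redirect", 302: "Redirect",
              307: "Redirect", 401: "Auth required", 403: "Forbidden"}
    return [f"{path} → {labels.get(status, 'Status')} ({status})" for path, status in hits]


if __name__ == "__main__":
    # Offline demo against the canned responses. For a real, authorised run:
    # drop `fetch=canned_status` and pass load_wordlist("wordlist.txt").
    for line in format_findings(enumerate_dirs("http://fakebank.thm",
                                               SAMPLE_WORDLIST, fetch=canned_status)):
        print(line)
```

The one design choice worth copying into any enumerator is the redirect handling: `urllib` (like browsers and most HTTP clients) follows a 301 by default, so without `_NoRedirect` the `/images` probe would report the status of `/images/` and the "directory exists" signal would be lost.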
## 🛡️ Part 2: Defensive Security (Splunk BOTS v3)
Dataset: Splunk Boss of the SOC (BOTS) v3
### 🔍 Search Query
```
index=botsv3 earliest=0
```
This baseline search returns every event in the `botsv3` index; `earliest=0` removes the default time-range restriction, which would otherwise hide the dataset's older events. It is the starting point for confirming the data is ingested and for counting events per `sourcetype` before narrowing the search.
### 📊 Data Sources Explored
- AWS CloudTrail Logs
- Windows Event Logs (Sysmon)
- DNS / HTTP Traffic
- Linux Logs
- Network Traffic (PCAP-based logs)
### 🧠 SOC Investigation Skills Practiced
- Log analysis & correlation
- Identifying suspicious behavior
- Threat hunting basics
- Understanding attacker patterns
- Working with multiple log sources
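Added example, not code from this README and not BOTS v3 data: the detection side of the Part 1 technique, to show what "identifying suspicious behavior" and "log analysis & correlation" look like in practice. A gobuster run leaves an unmistakable trace in web server access logs: a burst of requests for distinct paths from one client, most of them answered with 404. The script below parses constructed combined-format log lines (the IPs, timestamps, paths and user agents are made up), counts misses per client in a sliding window, and attaches the paths that did resolve as the context an analyst needs next. In Splunk the same idea is a `stats` over 404s by client and time bucket, roughly `... status=404 | bin _time span=1m | stats dc(uri_path) AS paths count BY clientip _time | where paths >= 5`, where the field names `status`, `uri_path` and `clientip` are assumptions about how the web sourcetype is extracted.

```python
"""Detect directory brute-forcing in web server access logs.

Added example: not code from this README and not BOTS v3 data. The log
lines are constructed in Apache/Nginx "combined" format; the client IPs,
timestamps, paths, user agents and thresholds are assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, Iterable, List

# Constructed sample: a scanner (10.10.14.5) and a normal visitor (192.168.1.20).
SAMPLE_LOG = """\
10.10.14.5 - - [01/Jan/2024:14:03:01 +0000] "GET /images HTTP/1.1" 301 178 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:01 +0000] "GET /admin HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:02 +0000] "GET /backup HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:02 +0000] "GET /bank-transfer HTTP/1.1" 200 2048 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:02 +0000] "GET /cgi-bin HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:03 +0000] "GET /login HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:03 +0000] "GET /test HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.5 - - [01/Jan/2024:14:03:04 +0000] "GET /uploads HTTP/1.1" 404 153 "-" "gobuster/3.6"
192.168.1.20 - - [01/Jan/2024:14:05:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.168.1.20 - - [01/Jan/2024:14:05:12 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "http://fakebank.thm/" "Mozilla/5.0"
"""

# Apache/Nginx combined log format: ip ident user [ts] "req" status size "referer" "ua"
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse(lines: Iterable[str]) -> List[Dict]:
    """Parse combined-format lines into dicts; lines that don't match are skipped."""
    events = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue
        e = m.groupdict()
        e["status"] = int(e["status"])
        e["ts"] = datetime.strptime(e["ts"], "%d/%b/%Y:%H:%M:%S %z")
        events.append(e)
    return events


def detect_bruteforce(events: List[Dict], window: timedelta = timedelta(seconds=60),
                      min_404: int = 5, min_distinct: int = 5) -> Dict[str, Dict]:
    """Flag clients with >= min_404 misses across >= min_distinct distinct
    paths inside any span of length `window`. A person clicking around
    produces an occasional 404; a wordlist produces hundreds in seconds,
    which is why the rate inside a window matters more than the raw count."""
    by_ip: Dict[str, List[Dict]] = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    alerts: Dict[str, Dict] = {}
    for ip, evs in by_ip.items():
        misses = sorted((e for e in evs if e["status"] == 404), key=lambda e: e["ts"])
        # Sliding window over the misses: peak = most 404s seen in any `window`.
        peak, start = 0, 0
        for end in range(len(misses)):
            while misses[end]["ts"] - misses[start]["ts"] > window:
                start += 1
            peak = max(peak, end - start + 1)
        distinct = {e["path"] for e in misses}
        if peak >= min_404 and len(distinct) >= min_distinct:
            alerts[ip] = {
                "misses": len(misses),
                "peak_in_window": peak,
                "distinct_paths": len(distinct),
                # Context the analyst needs next: the paths the scanner actually found.
                "hits": sorted({(e["path"], e["status"]) for e in evs if e["status"] != 404}),
                "user_agents": sorted({e["ua"] for e in evs}),
                "first_seen": min(e["ts"] for e in evs).isoformat(),
                "last_seen": max(e["ts"] for e in evs).isoformat(),
            }
    return alerts


if __name__ == "__main__":
    for ip, summary in detect_bruteforce(parse(SAMPLE_LOG.splitlines())).items():
        print(ip, summary)
```

The constructed sample uses a tell-tale `gobuster/3.6` user agent, but the detector deliberately ignores it: the agent string is attacker-controlled and trivially changed (`gobuster -a`), whereas the burst of 404s across many paths is a property of the technique itself. The `hits` list is what turns an alert into an investigation: the scanner learned that `/images` and `/bank-transfer` exist, so those are the endpoints to review next.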
## ⚡ Key Takeaways
- Offensive skills help understand the attacker mindset
- Defensive tools like Splunk help detect attacks
- Real SOC work = connecting logs + context
- Visibility across systems is critical
## 📂 Project Structure
```
/screenshots
  gobuster-output.png
  splunk-search.png
/notes
  findings.md
```
## 📸 Screenshots
## 🔗 References
- TryHackMe Offensive Security Intro
- Splunk BOTS v3 Dataset
## 🧑‍💻 Author
Syed Zohaib Munir
Aspiring SOC Analyst | Cybersecurity Enthusiast
Tags: BOTSv3, CloudTrail, SOC analysis, Sysmon, TGT, TryHackMe, web enumeration, security visualization, security lab, security operations center, plugin system, attack-defense exercise, data correlation, data presentation, directory brute-forcing, red team, cybersecurity, security auditing, network mapping, privacy protection, Golden Ticket