Project

Introduction # Have you ever wanted your own server at home to run applications, host files, or experiment with new technologies? A homelab is the perfect way to do just that. But what about accessing your homelab securely from anywhere in the world? That’s where things can get complicated.

Introduction # In this part, we will attack the Windows 11 machine (target-pc) from our Kali machine and also use Atomic Red Team on the target-pc to simulate various attacks. We’ll then analyze the logs generated in Splunk to see how these attacks appear in the data.

Introduction # In the world of cyber-security, having hands-on experience is invaluable. A home lab setup offers a powerful sandbox to simulate real-world network environments and security incidents. Active Directory (AD) and Splunk are two of the most widely used tools in the industry, forming the backbone of network management and security monitoring in countless organisations.

CIA Triad # Before we jump into the project let’s understand why something like a File Integrity Monitor is required, for this we will need to understand the CIA triad. The CIA triad is a fundamental model in information security that stands for Confidentiality, Integrity, and Availability. This project will focus on the Integrity part.

Introduction # Honeypots are deceptive tools used in cybersecurity to attract and trap malicious actors. By simulating vulnerabilities, they divert attackers from real assets while gathering valuable intelligence on their tactics and methods. This strategy helps organizations enhance their security posture, understand emerging threats, and develop effective defensive measures against cybercrime. In this particular project we can see the bad actors trying to access our Windows VM through RDP.