Passing the Microsoft Security Operations Analyst Exam (SC-200)
I recently passed my SC-200 exam and I wanted to share the resources I used to pass this exam. To keep it tl;dr, I recommend these three essential resources that are (in my opinion) key to passing the SC-200 exam: Udemy “SC-200 Microsoft Security Operations Analyst Course & SIMs” by John Christopher; Microsoft Learn SC-200…
Installing GOAD on Parrot Security OS
Ever wanted to practice pentesting a virtual Active Directory environment but thought it would be a massive hassle to set up? That’s where the tool GOAD (Game Of Active Directory) comes into play. As per the github: The purpose of this tool is to give pentesters a vulnerable Active directory environment ready to use to…
Server Hardening with Wazuh: An Open-Source XDR Solution
My cloud-hosted VPS serves as a personal VPN server that also routes traffic through a Pi-hole to block ads and trackers—because, honestly, that’s the only way the internet is usable these days. It’s been running for a couple of years with little to no maintenance, and recently, I decided it was time to put my…
Malware Delivery via Blender
Traditional phishing and malware delivery attacks typically follow a predictable pattern: “Hey user, open this Word document. It contains important information you need to see.” The user opens the document. “Hey user, enable macros to view the contents of this important document.” The user clicks “Enable Content.” A hidden macro runs a PowerShell script in…
Pivoting for Dummies: Ligolo-ng
Moving laterally within a compromised network, pivoting from one target network onto a secondary target network, or even a third, can be confusing for those who are not accustomed to the technique and find that there are a million pivoting tools out there that look to do the same exact thing. There are certainly other…
Malware Analysis – A “totally legit” trading bot
I was recently sent this video by a friend who wanted to know if this was “legit”: The video advertises a trading bot that automates trades between crypto USDT and USDC, taking advantage of small price differences to generate guaranteed profit. Sounds too good to be true right? Let’s examine this so-called trading bot using…
Leveling Up with HackTheBox Academy (CPTS & CDSA)
I have been working as a SOC Analyst for several years, primarily in banking Cyber Security Operation Centers. However, after taking a career break, I wanted to refresh and upgrade my skills before re-entering the job market. Given the high costs of traditional cybersecurity certifications (I’m looking at you, OffSec and SANS!!), I sought a…
Sudo Savvy is the personal blog of Stuart, a cyber security professional from Scotland with a passion for defensive and offensive security.

Stuart is a:
- Microsoft Certified: Security Operations Analyst Associate
- Red Team Operator (CRTO)
- Certified Defensive Security Analyst (CDSA)
- Certified Penetration Testing Specialist (CPTS)
- GIAC Certified Incident Handler (GCIH)

- Passing the Microsoft Security Operations Analyst Exam (SC-200)
- Installing GOAD on Parrot Security OS
- Server Hardening with Wazuh: An Open-Source XDR Solution
- Malware Delivery via Blender
- Pivoting for Dummies: Ligolo-ng
- Malware Analysis – A “totally legit” trading bot
- Leveling Up with HackTheBox Academy (CPTS & CDSA)
- Hello World