WiLLson ➟ 👨‍💻 🐍

Although simple, it reinforced the importance of basic navigation and file inspection when exploring a system.

4/
Lesson Learned:
Understanding core Linux commands such as ls and cat is essential for beginners in cybersecurity and penetration testing.

5/
Tools/Commands Used:
ls
cat

By listing files with ls and reading the contents with cat, I was able to locate and extract the password.

3/
This challenge introduced me to the fundamentals of interacting with a Linux environment from the command line.

The objective of Level 0 was to retrieve the password stored in a file called readme.

2/
After logging into the remote system through SSH, I navigated the directory using basic Linux commands.

30-Day Cybersecurity Learning Journey
OverTheWire Bandit CTF Documentation (Day 1–10)

𝗧𝗵𝗿𝗲𝗮𝗱 🧵

1/
𝗢𝘃𝗲𝗿𝗧𝗵𝗲𝗪𝗶𝗿𝗲 𝗕𝗮𝗻𝗱𝗶𝘁 – 𝗟𝗲𝘃𝗲𝗹 0 → 1 (𝗗𝗮𝘆 1)
I started my cybersecurity learning journey by exploring the Bandit wargame.

It’s becoming fully comfortable in the Linux terminal while strengthening core fundamentals like:

• File systems
• Permissions
• Networking
• Command-line efficiency

I’ll also document lessons learned and progress along the way.

Small daily progress compounds fast.

Consistency builds mastery.

𝗗𝗮𝗶𝗹𝘆 𝗖𝗧𝗙 𝗗𝗶𝘀𝗰𝗶𝗽𝗹𝗶𝗻𝗲 ~ 𝗢𝘃𝗲𝗿𝗧𝗵𝗲𝗪𝗶𝗿𝗲 𝗝𝗼𝘂𝗿𝗻𝗲𝘆

Real technical skill isn’t built in bursts.

It’s built through consistency.

I’ve committed to 30 minutes every day to complete one OverTheWire level until I finish the entire series.

The goal isn’t just solving challenges.

🔅 Easily Find a File in Linux

Looking for a specific file on your Linux system? 🧐

Use this command:
find / -name "filename"
This searches the entire system for your file. 🔍

𝗟𝗲𝘀𝘀𝗼𝗻: One anomalous network flow can save the company.

𝗧𝗵𝗲 𝗦𝗨𝗦𝗣𝗜𝗖𝗜𝗢𝗨𝗦 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗙𝗹𝗼𝘄 – 𝗗𝗲𝗰𝗲𝗺𝗯𝗲𝗿 𝟵, 𝟮𝟬𝟮𝟱

SOC network logs showed one device sending unusual traffic to a rarely used external IP.

Investigation revealed malware beaconing for C2 communication.

Immediate containment stopped lateral movement and prevented data theft.

Then investigated the artifacts.

Lesson: ransomware is loud.
SOC analysts hunt the patterns.

🚨𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗕𝗲𝗵𝗮𝘃𝗶𝗼𝗿 𝗟𝗮𝗯 (𝗕𝗲𝗴𝗶𝗻𝗻𝗲𝗿 𝗦𝗢𝗖)

Ransomware isn’t just malware.
It’s patterns.

In a controlled lab I simulated:
• Mass file changes
• AES encryption
• Files renamed to .locked
• A ransom note dropped

💡 Instant alert showed IP + time of access
Checked Windows logs:
• 4624 → login
• 5140 → network share access
• 5145 → file access

Attack → Alert → Timeline
Lesson: Even a simple decoy can teach you how SOC detection works.

Next: connect logs to a SIEM and see alerts in one place.

🚨 Beginner SOC Lab: Catching Sneaky Access

I built a small home lab to practice as a SOC analyst.

Setup:
• Windows 11 VM (victim)
• Kali Linux VM (attacker)
• Shared “HR” folder with a Canarytoken inside

Simulated an attack:
• Found the SMB share
• Opened files
• Triggered the Canarytoken

🐧
🐧
🐧
🐧
🐧🐧🐧🐧

🐧🐧🐧
🐧
🐧
🐧
🐧🐧🐧

🐧 🐧
🐧🐧 🐧
🐧 🐧🐧
🐧 🐧
🐧 🐧

🐧 🐧
🐧 🐧
🐧 🐧
🐧 🐧
🐧

🐧 🐧
🐧 🐧
🐧
🐧 🐧
🐧 🐧

3 certifications that actually get interviews:

Security+ (foundations)

AZ-900 (cloud)

Splunk Core Certified (hands-on SIEM)

TryHackMe SAL1

Forget the rest (at least for now).

"HOW A WI-FI ROUTER WORKS"

I BET YOU DONT PAY ATTENTION TO THIS LITTLE THINGS ‼️

If a hacker gain access into your system this is what they search for first

𝗟𝗮𝘁𝗲𝗿𝗮𝗹 𝗠𝗼𝘃𝗲𝗺𝗲𝗻𝘁 & 𝗣𝗲𝗿𝘀𝗶𝘀𝘁𝗲𝗻𝗰𝗲

Lateral movement = breaking into one system, then sneaking into others using stolen creds or tools.
Persistence = staying hidden with auto-start programs or fake accounts.
SOC teams hunt this using logs + smart detection rules 🛡️

File System Comparison

Yes a lots of people are fun of doing that thinking it’s the right way

Common Mistakes Smart People Make

•Reusing passwords
•Over-trusting biometrics
•Installing too many browser extensions
•Ignoring firmware updates
•Thinking antivirus = full protection

Security is discipline, not tools.

The seven layers of the OSI model include:

1. The Physical layer
2. The Data Link layer
3. The Network layer
4. The Transport layer
5. The Session layer
6. The Presentation layer
6. The Application layer

Step by step, learning and practicing safely!

Then I dove into log analysis, practiced tcpdump safely, and explored system activity from a SOC perspective.

Big takeaway: real OPSEC isn’t about hiding it’s about awareness, discipline, and understanding your footprint. If I can see my activity, a SOC analyst can too.

Today I finished setting up my SOC lab on Kali Linux, and what a learning experience! 🎯

I created a dedicated lab user socuser, disabled command history, turned off unnecessary services, and separated lab browsing from personal browsing.

Stop Confusing Bus, Star & Ring Topologies (Simple Guide)

No one knows the effort that went into your work more than you.
Don’t wait for others to acknowledge your efforts.

Monthly Milestones

Month 1
•Understand networking basics
•Comfortable in Linux terminal

Month 2
•50+ TryHackMe rooms completed
•Security+ 50% complete

Month 3
•Book Security+ exam
•Build basic home lab

Month 4–6
•Apply for IT/SOC roles aggressively

Package cleanup

1️⃣ apt autoremove – remove unused
2️⃣ apt clean – clear cache
3️⃣ dpkg -l – list packages
4️⃣ dpkg -r – remove package
5️⃣ apt purge – remove configs too

Keep your system clean & fast.
Which one would you run today?