Back to all projects

Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel

2025-11-10
Samson Otori
Personal Project
Blue Team
Cloud
Project 5.6: LOG(N) Pacific Internship – Incident Response Scenario 2: PowerShell Suspicious Web Request with Microsoft Sentinel
Blue Team
Cloud
Incident Response
Microsoft Sentinel
Microsoft Defender for Endpoint
PowerShell
SOC Operations
KQL
Post-Exploitation Detection
Microsoft Sentinel
Microsoft Defender for Endpoint
PowerShell
KQL
Windows

Continue Reading

PreviousProject 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel
Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel

Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel

Analysing identity-based threat scenarios through impossible travel detection in Microsoft Sentinel, evaluating Azure AD authentication pat…

Nov 15, 2025

Read previous
NextProject 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel
Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel

Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel

Investigating a simulated brute-force attack scenario using Microsoft Sentinel and Defender for Endpoint, following the NIST 800-61 inciden…

Nov 8, 2025

Read next
Related Projects
Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel
Blue Team

Project 5.5: LOG(N) Pacific Internship – Incident Response Scenario 1: Brute Force Attack Detection with Microsoft Sentinel

Nov 8Project
Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion
Blue Team

Project 5.8: LOG(N) Pacific Internship – Incident Response Scenario: Excessive Azure Resource Creation or Deletion

Nov 16Project
Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel
Blue Team

Project 5.7: LOG(N) Pacific Internship – Incident Response Scenario: Impossible Travel Detection with Microsoft Sentinel

Nov 15Project
Oldest Projects
Introduction to the MYDFIR SOC Analyst Challenge
Blue Team

Introduction to the MYDFIR SOC Analyst Challenge

Oct 31Project
Part 1: Foundation, A Logical Network Diagram
Blue Team

Part 1: Foundation, A Logical Network Diagram

Nov 1Project
Part 2: Diving into the ELK Stack
Blue Team

Part 2: Diving into the ELK Stack

Nov 2Project
Newest Projects
Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable
Blue Team

Project 6.0: LOG(N) Pacific Internship – Vulnerability Management: Windows Authenticated vs Unauthenticated Scanning with Tenable

Nov 21Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 2: The Threat Hunt)

Nov 17Project
Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)
Blue Team

Project 5.9: LOG(N) Pacific Internship Final Project – Detecting Tor Browser Usage on Corporate Endpoint - Threat Hunting Scenario (Part 1: Malicious Activity Simulation)

Nov 17Project
Project Categories
All
57
Cloud
13
Blue Team
39
Red Team
2
Infrastructure
3