TryHackMe Sysmon Write-Up
<p>We will be doing the <a href="https://tryhackme.com/room/sysmon" rel="noopener ugc nofollow" target="_blank">Sysmon</a> room this time. I don’t know about Sysmon too much except that it’s usually running in the background and helps log events for us, similar to Windows Event Manager. I believe it is a bit more comprehensive in its logging, which is why it’s useful to check these logs when using our SIEMs. Let’s get started! As always, I’ll document if I used external sources when doing these labs.</p>
<p>Task 3 Installing and Preparing Sysmon</p>
<p>I will be RDPing into the machine instead of downloading the files on my host machine. I created an RDP guide recently since we RDP a lot. I thought it would be nice to keep the RDP steps in one post instead of always writing them out. It’s located <a href="https://medium.com/@laupeiip/how-to-rdp-into-a-tryhackme-windows-machine-with-your-kali-vm-f637cf7422d1" rel="noopener">here</a>. Please check it out!</p>