Level-up your Detection Game

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their…

Weiterlesen

The Threat, the Fox, and the Sentinel

Nowadays more and more security tools are used to monitor and generate alerts from different sources (EDR, Proxy, etc.).These alerts often contains…

Weiterlesen

Relaying to AD Certificate Services over RPC

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since…

Weiterlesen

A Symmetric Cipher Ransomware … YES!

One of the rare cases where we can decrypt and recover files following-up with a ransomware attack.

Weiterlesen

Tutorial on how to Approach Typical DFIR Cases with Velociraptor

This post provides ideas of processes to follow and gives basic guidance on how to collect, triage and analyze artifacts using Velociraptor

Weiterlesen