Level-up your Detection Game

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their…

Read more

The Threat, the Fox, and the Sentinel

Nowadays more and more security tools are used to monitor and generate alerts from different sources (EDR, Proxy, etc.).These alerts often contains…

Read more

Relaying to AD Certificate Services over RPC

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since…

Read more

A Symmetric Cipher Ransomware … YES!

One of the rare cases where we can decrypt and recover files following-up with a ransomware attack.

Read more

Tutorial on how to Approach Typical DFIR Cases with Velociraptor

This post provides ideas of processes to follow and gives basic guidance on how to collect, triage and analyze artifacts using Velociraptor

Read more