The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the PoSh Hunter CTF is for you. …
-
Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)
As was promised, we continue our Using MITRE ATT&CK for Forensics series. This time we…
-
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous arti…
-
Using MITRE ATT&CK for Forensics: BITS Jobs (T1197)
If you are doing incident response, you must know what MITRE ATT&CK is. As it’s …
Cyber Forensics Blog
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about her simple tool for advanced forens…
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis …
DFIR CTF – Email took my money
Antonio Sanz has created a DFIR CTF, which offers you to forensicate an incident resulted in €100k loss for Minerías Alcazar…
Show More News
