In this post Jessica Payne writes about how to use the built in Windows Event Forwarding components of Windows, some PowerShell scripts, and PowerBI desktop to create a fast, free, and effective console for diagnosing problems and finding Indicators of Attack in a network.
Home How To Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
-
Looking at Microsoft Teams from a DFIR Perspective
David Cowen’s Sunday Funday is back, so why not to take part in this fun? Last Sunda… -
SQM: New Evidence of Execution Source?
Forensicating one of compromised hosts during our recent incident response activities we h… -
50 Shades of Ransomware
Ransomware is still one of the most common types of malware deployed during cyberattacks. …
Load More Related Articles
-
Step by Step Guide to iOS Jailbreaking and Physical Acquisition
Oleg Afonin from Elcomsoft has posted a step by step guide on how to perform jailbreaking … -
Creating a File System Image of iOS12
Apple’s iOS 12 is the latest iteration in their mobile device software. With each it… -
Parsing Carved EVTX Records Using EvtxECmd
Teru Yamazaki has posted about how to extract Windows Event Log files from allocated space…
Load More In How To
Comments are closed.
