In this post Jessica Payne writes about how to use the built in Windows Event Forwarding components of Windows, some PowerShell scripts, and PowerBI desktop to create a fast, free, and effective console for diagnosing problems and finding Indicators of Attack in a network.
Home How To Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
-
Tools up: the best software and hardware tools for computer forensics
Igor Mikhailov is a digital forensic analyst of the digital forensic laboratory at Group-I… -
Following the RTM
Researchers became aware of the activities of the RTM group in December 2015. Since then, … -
Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)
As was promised, we continue our Using MITRE ATT&CK for Forensics series. This time we…
Load More Related Articles
-
Step by Step Guide to iOS Jailbreaking and Physical Acquisition
Oleg Afonin from Elcomsoft has posted a step by step guide on how to perform jailbreaking … -
Creating a File System Image of iOS12
Apple’s iOS 12 is the latest iteration in their mobile device software. With each it… -
Parsing Carved EVTX Records Using EvtxECmd
Teru Yamazaki has posted about how to extract Windows Event Log files from allocated space…
Load More In How To
