Derek King has published another post as part of his “Hunting with Splunk: The Basics” series. This time he is discussing lateral movement – one of the key indicators when you actually have an APT in your network as Ryan Kovar said.
-
volatility-wnf: Browse and dump Windows Notification Facilities
This Volatility plugin is based on work of Alex Ionescu and Gabrielle Viala. https://blog.… -
Learning Android Forensics, 2nd Edition has been released
The 2nd edition of Learning Android Forensics by Oleg Skulkin, Donnie Tindal and Rohit Tam… -
yara_tools: Create YARA Rules In Python
Michael Matonis has written a library that helps security researchers create simple or com…
Load More Related Articles
-
Cobalt Strike Remote Threads Detection
Olaf Hartong has writted a blog post in which he shows how to use “Create Remote Thread” e… -
Robust Use of PsExec That Doesn’t Reveal Password Hashes
Brian Carrier and Chris Ray have found a way how to run PsExec and not reveal admin passwo… -
Beyond good ol’ LaunchAgent – part 0
Pasquale Stirparo has started a post series about macOS persistense mechanisms titled R…
Load More In Tips & Tricks
