Brian Carrier and Chris Ray have found a way how to run PsExec and not reveal admin password hash. Check this blog post to learn how to do it.
-
Looking at Microsoft Teams from a DFIR Perspective
David Cowen’s Sunday Funday is back, so why not to take part in this fun? Last Sunda… -
SQM: New Evidence of Execution Source?
Forensicating one of compromised hosts during our recent incident response activities we h… -
50 Shades of Ransomware
Ransomware is still one of the most common types of malware deployed during cyberattacks. …
Load More Related Articles
-
Finding Registry Malware Persistence with RECmd
Chad Tilbury has writen a post on how to use Eric Zimmerman’s RECmd and its batch fi… -
Detecting PowerShell Empire Shenanigans with Sysinternals
In this post Ben Bornholm writes about how to detect PowerShell Empire using the tools fro… -
Analyzing the Windows LNK File Attack Method
An interesting post by D3xt3r’s Malware Laboratory describing another example of usi…
Load More In Tips & Tricks
Comments are closed.
