Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
Loading sysmon events in pandas dataframe In the past article, we used powershell scripting to filter the events and perform basic querying, in this article ...
Threat Hunting with sysmon: Command line investigation In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell...
Threat Hunting with sysmon: Process creation event
Threat Hunting with sysmon: sysmon installation
You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different wa...
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
Introduction EG-CTF 2019 was held on 15-Nov-2019, most of the challenges were written by people working at EG-CERT, this challenge is not one of those chal...
Introduction This post will host things that I usually write from scratch every time I need them. POWERSHELL Read sysmon logs Get-winevent...
Introduction In this post we will hook Java’s Crypto library using frida to acquire the data in clear text and the decryption/encryption keys from an androi...
Introduction In this post we will not use console.log to print data, we will send the data from the JS code to the python code for more processing, and then...
Introduction In the previous post, we were able to call function secret as soon as we attached our JS script to the target application process; in this tutor...
Introduction In the previous post, I showed you how to intercept function calls, log and modify the arguments; we will repeat this again in this post but wi...
Introduction In this post and the next few posts we will talk about Frida the Dynamic Binary Instrumentation tool, I will show you some examples that highli...