by frank | Apr 23, 2020 | Blue Team, Red team, Security, Windows
Reading Time: 3 minutesSysmon is an official SysInternals driver that let’s you log all what is happening to a Windows machine. I will not drill down here what it is capable of and how important it is to have it running on your company assets and to get them to...
by frank | Apr 21, 2020 | Misc, Windows
Reading Time: < 1 minutepowershell Get-ExecutionPolicy powershell Get-Authenticode c:\temp\myscript.ps1 Specify version powershell -Version 2 cat powershell Get-Content C:\Windows\System32\Inetsrv\Config\administration.config ls powershell Get-ChildItem -Path...
by frank | Apr 17, 2020 | Blue Team, Security
Reading Time: 2 minutesWith the cloud technologies, i think one can slowly come to the conclusion that IOCs should not be relied only ! Bad actors can move of source IP so easily and the fact that all Threat Intelligence do their own lists, there is a great...
by frank | Apr 8, 2020 | Palo Alto, Security
Reading Time: < 1 minuteFrom the documentation Traps or now called Cortex XDR has several modules. The main prevention against malware is the BTP (Behaviour Treat Protection ). Palo Alto has increased prevention drastically since version 5 and since version 7. It...
by frank | Apr 6, 2020 | Blue Team, Red team, Security
Reading Time: 2 minutesIn this second part I will briefly talk about using proper SSL Certificates and Second stage encoders. Using Let’s Encrypt SSL Cert with Meterpreter The goal of using proper certificates, is that most blue teams, will block access to self...
Recent Comments