k4nfr3's blog and webSite
  • HOME
  • My Blog
  • Mountains
    • My 4000m list
    • Cahier des courses
Select Page

Meterpreter and other C2 can we detect them ? (part 3)

by frank | Jul 9, 2020 | Blue Team, Malware, Security

Reading Time: 5 minutesThis is the 3rd article in this serie. (here is part1 & part2) A little adon to Part 1 & 2, as part of my job is to implement Palo Alto Networks Firewalls, I took the task to work with PaloAltoNetworks for them to create a signature to...

Zloader Malicious Excel File analysis

by frank | Apr 28, 2020 | AV, Blue Team, Malware, Security, Windows

Reading Time: 5 minutesI got given by a friend a malicious Excel file that he analyzed as I’m eager to learn more I’m not familiar with MS-Office forensic techniques, hencewhy I found this interesting to look into during my evenings. First, when uploading...

Recent Posts

  • Cortex XDR components
  • WFP shenanigans, can we abuse WFP to block EDR telemetry and alerting ?
  • WEC Part 2
  • WEC Part 3
  • Top 10 easiest way to Harden your Windows Domain

Categories

  • AV (13)
  • Blue Team (32)
  • C2C (1)
  • Checkpoint (7)
  • Cloud (1)
  • CTF (7)
  • Debug (15)
  • Linux (4)
  • Malware (2)
  • Misc (14)
  • Palo Alto (22)
  • Privacy (3)
  • Pwn (4)
  • Red team (37)
  • Security (85)
  • Vmware (5)
  • Windows (43)

Recent Tweets

Tweets by k4nfr3

Recent Comments

  • bcaa uk on WEC Part 3
  • frank on Volatility 3
  • Vincent on Volatility 3
  • frank on EDR Userland Hooking detection / Unhooking test
  • 3D Games on EDR Userland Hooking detection / Unhooking test

Archives