by frank | Jan 5, 2021 | AV, Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteDriver : SentinelMonitor Altitude 389040 Services: Name=LogProcessorService; DisplayName=SentinelOne Agent Log Processing Service; ServiceName=LogProcessorServiceName=SecurityHealthService; DisplayName=Windows Security Service;...
by frank | Jan 4, 2021 | AV, Blue Team, Red team, Security, Windows
Reading Time: 2 minutesYou can download this CSV file here <==== SHA256NameSignerDescription—————————04A85E359525D662338CAE86C1E59B1D7AA9BD12B920E8067503723DC1E03162ADV64DRV.sys”FUJITSU LIMITED...
by frank | Nov 23, 2020 | Red team, Security, Windows
Reading Time: < 1 minutereg query HKLM\SYSTEM\CurrentControlSet\Services\regsvc HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\regsvcType REG_DWORD 0x10Start REG_DWORD 0x3ErrorControl REG_DWORD 0x1ImagePath REG_EXPAND_SZ “C:\Program Files\Insecure...
by frank | Nov 23, 2020 | AV, Red team, Security, Windows
Reading Time: < 1 minuteA few techniques to avoid AV or EDR detection rundll32 C:\windows\system32\comsvcs.dll MiniDump “[LSASS_PID] dump.bin full” procdump <process id> instead of the word lsass Signed Executable which can be used also CiscoJabber :...
by frank | Oct 13, 2020 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteto check if a Win domain is a possible candidate to a MITM WSUS attack check reg query HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate /v WUServer...
by frank | Aug 24, 2020 | AV, Pwn, Red team, Security, Windows
Reading Time: < 1 minuteIntel Network Adapter Diagnostic Driver of version 1.03.0.7;RTCore64 driver from MSI Afterburner of version 4.6.2 build 15658 and below;Gdrv driver from various Gigabyte TOOLS of undefined version;ATSZIO64 driver from ASUSTeK WinFlash...
Recent Comments