« Excel list of MS EventIDs. Handy when tuning a SIEM/Logger/ELK stack: https://www.microsoft.com/en-us/download/details.aspx?id=50034 #DFIR »
« One more thought: map the @MITREattack to #Sigma rules online in the same window. It's live, it's free and you can now write threat detection rules and package #threatintel for 9 different security analytics tools or even grep. Then export to your #SIEM, screen is a #mimikatz example ;-) https://t.co/6gcfJJA8uh »
« GetVulnerableGPO. PowerShell script to find 'vulnerable' security-related GPOs that should be hardened
Very interesting read: "It's time to rebuild the web" by Mike Loukides https://www.oreilly.com/ideas/its-time-to-rebuild-the-web
« Issue 1/2018 is here. Download it for free and spread the word, please.
Find it at issuu:
Or download the PDF from our Google Drive:
#retromag #8bit #retrogaming #retro https://t.co/3dZBMVr6Sn »
« How to become the best Malware Analyst E-V-E-R http://www.hexacorn.com/blog/2018/04/14/how-to-become-the-best-malware-analyst-e-v-e-r/ #dfir #malware feedback welcome cc @lennyzeltser @hasherezade »
« Not allowed to use copy.exe?
Use print.exe instead. Can also be used to add data to alternate data streams.
#LOLBins #SurrogateBinaries #DFIR #PenTest
(LOLBins = Living Off The Land Binaries)
« Blue teamers, don’t forget your Cuckoo Sandbox https://blog.nviso.be/2018/04/12/painless-cuckoo-sandbox-installation/ or... did I mean red team? Anyhow, still decent if you can’t get 30 machines set up with individual AV to test the full products. »
Knowing Little Snitch from my Mac past, this sounds promising. https://t.co/cfDBUhApr6
« OpenSnitch Is a Host-Based Firewall for Linux Desktops - by @campuscodi
« Break into the @CyberArk Password Vault with .NET deserialization 🔓💉 https://buff.ly/2H94Ngf »
Life is not only about doing cool stuff. Here's a list of command line tools for manipulating structured text data: https://github.com/dbohdan/structured-text-tools
As soon as I find the time, I really need to check out the new 4.0 release of @QubesOS https://www.qubes-os.org/news/2018/03/28/qubes-40/. It now features fully virtualized VMs as well as lots of other great improvements and additions.
Curated List of Privacy Respecting Services and Software:
Are you a #gopher person? Then have I got a read for you:
« Blue Team fundamentals Part Two: Windows Processes
by @securitybytesIO (in Mar 2017)
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2 https://t.co/DFJJuF3IMF »
« Just put up a Big Update to the #8bitbuyer Commodore 8-Bit Buyer's Guide. Now 25% more products, projects and kits. 45 new items, bringing the total to over 200. Hard to imagine! http://www.c64os.com/buyersguide #c64 Here are some shots of new listings. Pls spread the #retro love. https://t.co/mfTzrG0bh2 »
« This isn't a great Shodan tutorial, but it's one of the only ones.