Look into couple of suspicous registry activities

Look into couple of suspicous registry activities

In threat hunting, Feb 08, 2025
Hunting for Windows Subsystem for Linux based attacks
Hunting for malicious scheduled tasks
The DFIR thing reg parsing #1

All Stories

Look into couple of suspicous registry activities

Look into couple of suspicous registry activities

In threat hunting, Feb 08, 2025
Look into couple of suspicous registry activities

Hunting for Windows Subsystem for Linux based attacks

Hunting for WSL based Badness

In threat hunting, Nov 10, 2024
Hunting for Windows Subsystem for Linux based attacks

Hunting for malicious scheduled tasks

Why?

In threat hunting, Oct 06, 2024
Hunting for malicious scheduled tasks

The DFIR thing reg parsing #1

This blog post was lost in migration from Wordpress to Github Pages. :(

In dfir, Aug 29, 2024
The DFIR thing reg parsing #1

The DFIR thing

The DFIR.. what?

In dfir, Jul 27, 2024
The DFIR thing

Impacket - Part 3

Continuing with Impacket

In threat hunting, Jun 01, 2024
Impacket - Part 3

Impacket - Part 2

Hello mr. Impacket – I am back!

In threat hunting, Apr 27, 2024
Impacket - Part 2

Exploring hunting options for catching Impacket

Hunting for usage of Impacket

In threat hunting, Apr 13, 2024
Exploring hunting options for catching Impacket

Threat hunting for signs of credential dumping

Why this topic?

In threat hunting, Mar 11, 2024
Threat hunting for signs of credential dumping

Hunting for signs of SEO poisoning

How to hunt for SEO poisoning?

In threat hunting, Feb 23, 2024
Hunting for signs of SEO poisoning

Featured

  1. Look into couple of suspicous registry activities
    In threat hunting,
  2. Hunting for Windows Subsystem for Linux based attacks
    In threat hunting,
  3. The DFIR thing
    In dfir,
  4. OpenCTI RSS feed support
    In threat intelligence,
  5. Threat Intelligence Platform - OpenCTI
    In threat intelligence,