Having a look at a few new fields in MDE
I noticed that there have been a few new fields added to the Advanced hunt tables. These field...
In threat hunting, Feb 28, 2025
Look into couple of suspicious registry activities
In threat hunting, Feb 08, 2025
Hunting for Windows Subsystem for Linux based attacks
In threat hunting, Nov 10, 2024
Hunting for malicious scheduled tasks
In threat hunting, Oct 06, 2024

All Stories
Having a look at a few new fields in MDE
I noticed that there have been a few new fields added to the Advanced hunt tables. These fields can be useful for threat hunting and incident re...
In threat hunting, Feb 28, 2025
Look into couple of suspicious registry activities
Look into couple of suspicious registry activities
In threat hunting, Feb 08, 2025
Hunting for Windows Subsystem for Linux based attacks
Hunting for WSL based Badness
In threat hunting, Nov 10, 2024
The DFIR thing reg parsing #1
This blog post was lost in migration from Wordpress to Github Pages. :(
In dfir, Aug 29, 2024
Exploring hunting options for catching Impacket
Hunting for usage of Impacket
In threat hunting, Apr 13, 2024

Featured
- Having a look at a few new fields in MDE
  In threat hunting
- Look into couple of suspicious registry activities
  In threat hunting
- Hunting for Windows Subsystem for Linux based attacks
  In threat hunting
- The DFIR thing
  In dfir
- OpenCTI RSS feed support
  In threat intelligence
- Threat Intelligence Platform - OpenCTI
  In threat intelligence