All Stories
Malware statistics to ELK
I’ve been somewhat busy lately and hadn’t had much time to write anything to the blog unfortunately. I also have had some issues in thinking of good topics as I don’t want to get stuc...
In threat hunting, Feb 16, 2023
MDE/MDI/MDO365 advanced hunt queries to ELK
I’ve been using Jupyter Notebook for quite sometime in threat hunting and incident response purposes. It is great as it offers the python data analytic tools to be used with the data ...
In threat hunting, Nov 28, 2022
My version of a home lab
This time I am going to introduced my version of a home lab. This is not as “pro” as many others have but have a good combination of lab and a home computer in a same package. The pos...
In threat hunting, Nov 19, 2022
Recent phishing emails + Emotet recent sample analysis
Phishing emails
In threat hunting, Nov 13, 2022
From Shodan to MDE queries
I’ve had an idea for some time for using the Shodan and MDE API:s. The idea is to pull recently identified C2 servers from Shodan and use the IP-addresses to run a query against the M...
In threat hunting, Sep 04, 2022
Running live malware for threat hunting purposes
This time I am trying something different. I am in no way, shape or form capable in malware analysis but I was thinking if it could be useful to run a live malware on a device with MD...
In threat hunting, Aug 13, 2022
Featured
-
Autonomous SOC, possible or just pointless AI hype?
In SOC, -
Why Your Threat Hunting Program Is Working (Even When It Finds Nothing)
In threat hunting, -
TI Dashboar: AI generated Cyber Threat Intelligence dashboard
In threat intelligence, -
OpenCTI RSS feed support
In threat intelligence, -
Threat Intelligence Platform - OpenCTI
In threat intelligence,