Published in Detect FYI: Immutable Artifacts — Enabling RDP Connections
Building on my previous article, in this article we will adopt the “Immutable Artifacts” methodology to detect such artifacts for…
Dec 2

Published in Detect FYI: Detecting WiFi dumping via direct WinAPI calls and introduction to “Immutable Artifacts”
Lately I’ve been reading a LOT of materials on how to write better detection rules. The main reason this whole thing started is that I’ve…
Nov 25

Published in Detect FYI: Detection of “EDRSilencer”
Recently, there’s been quite a buzz in the infosec community about a new tool called “EDRSilencer”. From the tool’s Github description:
Oct 18

Published in Detect FYI: ViperSoft Cryptost
So today wasn’t anything special, except that those really annoying Powershell windows that occasionally open on my screen for a…
Jul 27, 2023