Lateral Movement Detections: PsExec/Like-PsExec tools activity
Lateral movement (TA0008) remains a core tactic used by attackers where the successful activity leads to huge impact…
Sep 1, 2021

Linux Threat Hunting — Know your Penguins
Attacks on Linux systems have been common for decades, but how commonly are Linux logs collected and processed for better detections?
Aug 18, 2020

BRO/ZEEK — The Modern Watchtower
Network traffic is always noisy. But sometimes it whispers too. So, why not pay very close attention when it whispers “BRO” 🦊
Mar 28, 2020

Insights on Kerberos Attacks
Dogs are playful, and so is Kerberos. This attribution to the three-headed dog is from Greek mythology, which was known for guarding the gates of…
Mar 14, 2020

Threat Hunting with ELK + Wazuh
With Sysmon configured on endpoints, the ELK + Wazuh stack greatly facilitates threat hunting operations.
Feb 24, 2020