improving sentinel live response collection
Throughout my experience using Sentinel, I felt that Sentinel live response collection is not very good. This post documents how I tried to solve the problem and the obstacles I found.
DFIR & random stuff
So I got two interesting opportunities in 2022: praktisi mengajar, to talk about network forensics, and Deall Mentorship. Here is how those things went:
My writings on use cases of MITRE that I sent to cdef.id for their (supposedly) quarterly bulletin. This would be the second time cdef has published my writings (check out the first one over here).
I was doing some 'weird jobs' and needed to know what was really happening with this PowerShell base64 payload. The payload itself is nothing new, but I think I'll post it here in case someone needs it, since it was pretty hard finding these resources when I needed them.
So here are some of those PowerShell payloads.
Even with the awesome lists all over GitHub, I kept losing track of cool tools, so here are some of them:
(last update 11.09.2022)
In the spirit of keeping the resources updated, I'm moving this post to aldosimon/dfir.