Throughout my experience using sentinel, I felt that sentinel live response collection is not very good. This post document how I try to solve the problem and obstacles I found.

So I got two interesting opportunity in 2022. That is praktisi mengajar to talk about network forensic, and the other one is Deall Mentorship. Here how’s those things goes:

My writings on use case of MITRE that I send to cdef.id for their (supposedly) quarterly bulletin. This would be the second time cdef published my writings (check out the first one over here).

The bulletin can be accessed here or here

I was doing some ‘weird jobs’, and needed to know what really is happening with this powershell base64 payload. The payload itself is nothing typically new, but I think I’ll post it here incase someone needed it, since it was pretty hard trying these resources when I needed it.

so here’s some of those powershell payload.

even with the awesome list all over github, I kept losing tracks of cool tools, so here are some of them:

(last update 11.09.2022)

in the spirit of keep updating the resources, I’m moving this post to aldosimon/dfir