Search for a command to run...
Articles tagged with #incident-response
Introduction Understanding an organization’s current incident response (IR) capabilities is vital, as it enables the identification of current strengths and weaknesses. This knowledge is instrumental in formulating future objectives and optimizing al...
a little story about my previous experience in sentinel live response
I was doing some 'weird jobs', and needed to know what really is happening with this powershell base64 payload. The payload itself is nothing typically new, but I think I'll post it here incase someone needed it, since it was pretty hard trying these...
even with the awesome list all over github, I kept losing tracks of cool tools, so here are some of them: (last update 11.09.2022) in the spirit of keep updating the resources, I'm moving this post to aldosimon/infosec-compendium event log parser cha...
Dalam sebuah kegiatan incident response, adakalanya kita perlu mengetahui karakteristik proses yang sedang berjalan, sehingga dapat memutuskan apakah proses tersebut malicious atau tidak. Berikut beberapa proses inti windows (Windows core processes),...
I've been trying out letsdefend.io for a couple of week, and here's a write up of one of the challenge. its a platform to hone your blue teaming skill, you will be using some sort of SIEM apps and act as an analyst, i.e. finding IOC and deciding esca...
