RawSec

Dudelange, Luxembourg


SysmonEnte but not Sysmon End

Blog post about SysmonEnte, addressed to threat hunters and detection engineers.

Date: 2022-09-07 | Category: detection-engineering | Tags: sysmon, detection, dfir, soc | Read time: 10 minutes

Overcoming Domain Name Resolution Issue in Sysmon

Blog post describing how to solve the domain name resolution issue in Sysmon v7.01.

Date: 2018-06-17 | Category: engineering | Tags: dfir, soc | Read time: 7 minutes

Go Evtx SigNature Engine (Gene)

This article introduces an engine (a.k.a. Gene) we have designed to match signatures against Windows events.

Date: 2018-02-04 | Category: tools | Tags: dfir, threat-hunting, detection | Read time: 10 minutes

CTF Write-Up Hack.lu 2017 bit

Detailed write-up of the Hack.lu CTF "bit" challenge.

Date: 2017-10-18 | Category: ctf | Tags: ctf, write-up | Read time: 6 minutes

©2017 - 2022