Context is king, it makes all the difference. You may see something run in EDR telemetry, or in logs, but the context of when it ran in relation to other activities is often critical. Did it occur immediately following a system reboot or a user … [Continue Reading]
Overview of Content Published in October
Here is an overview of content I published in October: Blog posts: New Tool: onion-connect-service-detection.py Update: 1768.py Version 0.0.8 ?Public? Private Cobalt Strike Keys New Tool: cs-decrypt-metadata.py YouTube videos: CVE-2021-40444 … [Continue Reading]
New Tool: cs-decrypt-metadata.py
cs-decrypt-metadata.py is a new tool, developed to decrypt the metadata of a Cobalt Strike beacon. An active beacon regularly checks in with its team server, transmitting medata (like the AES key, the username & machine name, …) that is encrypted … [Continue Reading]
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- 6
- …
- 596
- Next Page »