Tuesday, March 14, 2017
Detecting an Attacker Dumping Passwords from the Windows Registry
Several tools, such as Mimikatz and gsecdump, are available to dump password hashes from the Windows registry. Attackers commonly dump domain ...
Monday, March 13, 2017
Detecting an Attacker Dumping Passwords from Memory
Mimikatz (https://github.com/gentilkiwi/mimikatz) is a popular tool used by adversaries (and Red Teamers) to dump passwords from memory. P...
Sunday, September 25, 2016
How to Setup a Cowrie SSH Honeypot
Cowrie is a medium interaction SSH and Telnet honeypot, which can log brute force attacks and an attacker's shell interaction. Cowrie is...
Sunday, September 11, 2016
Detecting Lateral Movement Using Sysmon and Splunk
Detecting an attacker moving laterally in your environment can be tough. It can be difficult to obtain the necessary logs to identify this a...
Saturday, September 10, 2016
Mounting a BitLocker Encrypted Image Using Dislocker
Sometimes it is necessary to boot a host into an alternate OS to acquire a raw disk image. If you need to mount the image for forensic analy...