Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Making sense in the world of all things cyber.
A necessary component to any IR: Containment
This blog is updated at https://ciberesponce.com Incident Response and Containment Anyone who does...
Date: 03/02/2018
Setting up Kali Linux in Docker on Windows 10
This blog is updated at https://ciberesponce.com A few times now, I find myself wondering why I need...
Date: 09/01/2017
WMI Queries: ReturnValue vs uValue (and some Remote Registry)
This blog is updated at https://ciberesponce.com Interestingly, when querying a registry setting in...
Date: 08/24/2017
ATA Auditing (AuditPol, Advanced Audit Settings Enforcement, Lightweight Gateway Service discovery)
This blog is updated at https://ciberesponce.com NOTE: This blog and code was updated to include a...
Date: 08/18/2017
ATA + OMS
This blog is updated at https://ciberesponce.com Installing Operational Management Suite (OMS) on...
Date: 06/08/2017
SmartCard and Pass-the-Hash
On a pretty consistent basis, SmartCard and Multi-factor Authentication (MFA) technologies are...
Date: 05/17/2017
Ubuntu RDP in Azure
Many times, I get a question on how do you RDP into a Linux machine created in Azure. So, instead of...
Date: 03/17/2017
cpassword – MS14-025
Microsoft announced MS14-025 on 13 May, 2014. However, it continues to be an issue for many IT...
Date: 02/23/2017
ATA Playbook Released
The Advanced Threat Analytics Playbook is released. It includes a breakdown of how to test (and...
Date: 02/15/2017
Advanced Threat Analytics Detects Forged PACs
Advanced Threat Analytics (ATA) detects all sorts of credential theft and post-exploit activities of...
Date: 02/13/2017
The Iceberg Effect
In cybersecurity, especially in the Digital Forensics Incident Response (DFIR) space, the "Iceberg...
Date: 02/01/2017