Detection & Compromise: Secrets from the AWS Secrets Manager (Sep 4, 2022)
Exposure of secrets can be disastrous. Read how to compromise and detect the exposure of secrets from the AWS Secrets Manager service.

Management of MFA Devices in AWS IAM (Nov 25, 2022)
MFA is extremely important to secure your root and IAM user accounts in AWS. Let’s have a quick refresher on the API calls and analysis.

AWS Session Manager: Securing Access to Cloud Resources (Jun 21, 2022)
AWS Session Manager is a handy utility from the Systems Manager suite which can help securely access cloud resources without exposing…

AWS Instance Metadata Service: A Quick Refresher (Jun 9, 2022)
A quick refresher on the AWS Instance Metadata Service (IMDS), covering the service, its use cases, and the two versions — IMDSv1 and IMDSv2.

Honest Review of TCM Security’s Practical Malware Analysis and Triage (Nov 17, 2021)
TCM Security recently published their new malware analysis training, PMAT. Here’s a review of the course, its content, and overall…

Reversing with IDA: Cross-references (Sep 19, 2021)
Cross-references, more commonly referred to as xrefs, are used to identify references (usage/call or declaration) of a particular…

Forensic Analysis of an LNK File (Aug 12, 2021)
Let’s dig into the file format of an LNK file and look at how to view and parse them. We’ll also review a few ways threat actors use LNKs!

Defender’s Toolkit 102: Sigma Rules (Mar 6, 2021)
Don’t feel confident writing Sigma rules? Sigma isn’t as hard as it seems. Tag along as we explore how to write these rules efficiently!

VBA Purging — What Purpose Does It Serve? (Nov 27, 2020)
Purging a VBA project of its compiled code serves several purposes. Take a look as we explore VBA purging and the defenses against it.

Digital Forensics Write-up — Web Server Case by Ali Hadi (Oct 26, 2020)
The article is a write-up for challenge number one — the Web Server Case — by Ali Hadi on his blog, ‘ashemery.com’. The premise is set to:

Sysmon: How To Setup, Configure, and Analyze the System Monitor’s Events (Oct 22, 2020)
Sysmon, short for System Monitor, is a utility tool developed by Mark Russinovich as part of the Sysinternals suite. The utility is…

Command-line Auditing on Windows: Why You Need It! (Oct 20, 2020)
It’s unfortunate that the Windows Command Prompt, the descendant of the prehistoric command.com from MS-DOS, has no persistent storage of…

Project Freta: Microsoft’s Cloud-based Memory Analysis Engine (Jul 27, 2020)
Ah, the sweet days of running your memory sample through Volatility. It’s not over yet — but Microsoft has done an amazing job at…

IBM QRadar: The Architecture! (Jun 19, 2020)
Before you get started with the deployment of QRadar in your infrastructure, you need to understand the several components it makes use of…

What are DLLs? (Jun 19, 2020)
Dynamic-link Libraries (DLLs) are Microsoft’s implementation of shared code on the Windows operating system. By means of modularizing code…

Defender’s Toolkit 101: Yara Rules! (Apr 6, 2020)
A defender should always be equipped with the skill to write good Yara rules. Let’s explore writing these great detection rules!