Latest posts
- May 3, 2024
Incident Response & Threat Hunting Series, Evidence Collection
KAPE Targets
Let’s explore the concept of Triage Acquisition within the context of Incident Response and Threat Hunting.
Triage Acquisition involves obtaining specific files or artifacts that provide insights into the state of the system we are analyzing.
- May 3, 2024
Incident Response & Threat Hunting Series, Autoruns
Description
Let’s say our objective is to determine whether there is persistence during system boot or login. One of the most straightforward and effective methods is to use Microsoft Sysinternals Autoruns.
- May 3, 2024
Incident Response & Threat Hunting Series, Search Files & Content
Search Files & Content: Introduction
This lesson will be an introductory overview for a short sub-series focused on searching for files and their contents within the AD environment. The search method will vary based on the available data, whether it’s the file name, hash, or distinctive content of these files.