Sysinternals case writeup
This is a small writeup for the sysinternals case recently published by Ali Hadi.
Recent Posts
A tour inside a SOC analyst mind
As a mentor in a SOC, I often receive questions from junior analysts about the best way to approach analysis. To help them develop their skills, I sometimes ...
Analyzing SOC Data Using Jupyter Notebook
Detection Controls usually focus on telemetry collection, and in most cases lack data analytic capabilities. Hence, It would be necessary to export the data ...
Remote Full Packet Capture
Tool such as TCPDump captures full packet data and store to desk, it doesn’t provide a way to capture and stream the packets to a remote destination. I have ...
Using Structured Analytics Techniques in SOC
I keep trying to involve SATs (structured analytic techniques) in my daily Cyber security analysis work. I also keep looking for ways to measure the improvem...