Posts
2024
tmate - Instant Terminal Sharing (or How To Backdoor a Linux Server)
6 Oct 2024
EDR: The Great Escape - RomHack Training Review
30 Sep 2024
Today I Learned - NSG Flow Log
21 Sep 2024
ScriptBlock Smuggling
13 Sep 2024
Botnet Fenix
22 Aug 2024
Today I Learned - WebDAV Cache
9 Aug 2024
Abusing the “search-ms” URI protocol handler
4 Aug 2024
Tainted Kernels
12 Jul 2024
Today I Learned - kernel.modules_disabled
10 Jul 2024
Systemd Path Activation - Poor Man's File Integrity
22 Jun 2024
From Dangerous PHP Functions to Webshell Hunting
17 Jun 2024
Today I Learned - Instrument ClamAV to extract AutoIT scripts
9 Jun 2024
Today I Learned - Zsh Sessions (even more Timestamps)
26 May 2024
The 'Invisibility Cloak' - Slash-Proc Magic
16 May 2024
Removing Traces of RMM Tools
10 May 2024
Today I Learned - Zsh History Timestamps
7 May 2024
Canarytokens: Catching Insider Threats (and Threat Actors?)
6 May 2024
Today I Learned - Device Discovery
27 Apr 2024
Sysrv Infection (Linux Edition)
14 Apr 2024
MicroSocks: Convenient access through a compromised SonicWall SMA
30 Mar 2024
Azure Batch Misused for Crypto Mining
15 Mar 2024
Two in a row - You mitigated wrong (Kentico CMS RCE)
6 Mar 2024
AWS Ransomware
21 Feb 2024
[s|l]trace - Linux Malware Analysis
1 Feb 2024
Hunting AsyncRAT & QuasarRAT
15 Jan 2024
2023
N-IOCs to Rule Them All
31 Dec 2023