DFIR | Hunting | BlueTeam | Trying to be a decent human being | Mostly tweeting when feeling okay-ish 💜 | All thoughts and opinions expressed here are my own.
github.com/0xlucipher
Mumbai, India
Joined December 2009
🔴 Website netextender-sonicwall[.]org downloads "NetExtender-VPN-10.3.3.msi" signed by "MOHAN ENTERPRISES (RAJASTHAN) PVT LTD" 🤔
▪ The fraudulent domain is powered by Bing and Copilot results, giving it visibility and "credibility" ❌
Previously, this campaign was…
I was creating a playbook on how to use Purview in our organisation. I dropped the idea after 6 months and 3 failed drafts, as either the information was not “useful enough” or it was “too technical and unusable”. Microsoft’s documentation is nightmare level.
Oh, let's test some tool's effectiveness for data exfiltration with DLP mode off..
Oh no.. there are no events for the exfiltration! <insert panic meme>
———
Jokes aside, it would be interesting to see the same tests run in the future against configured DLP policies.
GitHub - cr0nx/awesome-linux-attack-forensics-purplelabs: This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools. github.com/cr0nx/awesome-…
🔥 Excited to announce HEARTH (Hunting Exchange And Research Threat Hub)!
Hey thrunters! A new open-source home to:
- Share hunt ideas
- Learn from others
- Level up together
Built by hunters, for hunters 🎯
threathuntingcommunity.com #threathunting #thrunting #infosec #HEARTH
The Microsoft Defender Threat Intelligence team just launched their official GitHub Community. Technical solutions for common incident response and threat hunting scenarios to help the SOC maximize Microsoft Threat Intelligence in Defender TI. github.com/Azure/MDTI-Sol…
10 Followers, 102 Following. Recently redundant and looking for work with an honest employer. Blogging my experiences in the Covid-19 world where companies are no longer recruiting.
9K Followers, 3K Following. This Week in 4n6 // ThinkDFIR // SANS // CyberCX (DFIR)
https://t.co/vLyL2sxTuy
I might not know much, but I do know how to Google
Tweets are mine
20K Followers, 2K Following. Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK).
And yes, opinions are my own ;)
2K Followers, 587 Following. DFIR @Google :: I write open source tools :: Creator of OpenRelik and Timesketch :: Tweets are my own
@[email protected] on Mastodon
4K Followers, 599 Following. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
63K Followers, 82 Following. The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
18K Followers, 801 Following. Threat Intelligence Analyst |
See my Linktree for other socials |
In case I post false intel, contact me!
Support me: https://t.co/5WgDqr0K8p
🇪🇺🇩🇪🇺🇦🌈
2K Followers, 515 Following. Senior Technical Forensics Consultant; Magnet Forensics; Mobile Forensics Enthusiast; Tech Nerd; Comic Book Geek; Opinions are my own, not my employer's.
6K Followers, 3K Following. Hunt & Response Senior Manager @HuntressLabs || “Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin
13K Followers, 310 Following. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering.
“⚔️What do we say to the God of malware? Not today⚔️”
13K Followers, 1K Following. CIRCL is the CERT (Computer Emergency Response Team) for the private sector, communes and non-governmental entities in Luxembourg.
12K Followers, 58 Following. Author of #PingCastle, contributor to #mimikatz (DCSync, setntlm, DCShadow) and #OpenSC. Wrote GIDS applet, OpenPGP card driver on Windows and OpenSC stuff.
25K Followers, 2K Following. NFP with the mission of #crowdsourcing OSINT to help find #missingpersons while training members in the tradecraft of #OSINT | Contact us at [email protected]