Securehat
@FranticTyping
  • Blog Overview
  • 💣CobaltStrike
    • Cobalt Strike Staging and Extracting Configuration Information
    • Fighting Back Against Cobalt Strike - Detection Ideas
  • 🔬Malware Analysis
    • Tool-Less Extraction of IOCs from an Emotet Maldoc
    • Extracting the Cobalt Strike Config from a TEARDROP Loader
  • 💉Process Injection and Similar Topics
    • Shellcode Execution via EnumSystemLocalA
    • Manually Implementing Inline Function Hooking
    • Detecting Process Injection using Microsoft Detour Hooks
  • 🔍Detection Experiments
    • Detecting Parent Process Spoofing using KrabsETW
    • Chainsaw Tool - Search and Hunt Through Event Logs
    • Hunting for C3 Activity
  • 📘High Level Blue Team Topics
    • Scaling Detection and Response Operations