Facebook
Instagram
Linkedin
Home
Active Directory Attack
Network Attack
SIEM
TOOLS
IOC
Mitre Att&ck
E-Mail Attack
Editors Pick
Search
Security Investigation
Be the first to investigate
Home
Active Directory Attack
Threat Hunting Using Windows Security Log
CVE-2023-21554 – Hunt For MSMQ QueueJumper In The Environment
OS Credential Dumping- LSASS Memory vs Windows Logs
Credential Dumping using Windows Network Providers – How to Respond
The Flow of Event Telemetry Blocking – Detection & Response
Network Attack
How Does DGA Malware Operate And How To Detect In A…
DNS sinkholes to Prevent Malware? How did it work?
Threat Hunting using DNS logs – Soc Incident Response Procedure
What is Port Forwarding and the Security Risks?
Threat Hunting using Firewall Logs – Soc Incident Response Procedure
SIEM
How to Detect Malware C2 with DNS Status Codes
Ngrok Threat Hunting: Detect Hackers at the End of the Tunnel
The Most Important Data Exfiltration Techniques for a Soc Analyst to…
Soc Interview Questions and Answers – CYBER SECURITY ANALYST
Anatomy Of An Advanced Persistent Threat Group
TOOLS
DeepBlueCLI – PowerShell Module for Threat Hunting
Pestudio: Initial Malware Assessment Made Simple
How Attackers Manipulate LLMs in ML – Attack Vectors
How to Remove Database Malware from Your Website
PECmd – Windows Prefetch Analysis For Incident Responders
IOC
Phishing Scam Alert: Fraudulent Emails Requesting to Clear Email Storage Space…
Vidar Infostealer Malware Returns with new TTPS – Detection & Response
New WhiskerSpy Backdoor via Watering Hole Attack -Detection & Response
RedLine Stealer returns with New TTPS – Detection & Response
Understanding Microsoft Defender Threat Intelligence (Defender TI)
Mitre Att&ck
Threat Hunting Playbooks For MITRE TACTICS
Masquerade Attack Part 2 – Suspicious Services and File Names
Masquerade Attack – Everything You Need To Know in 2022
MITRE D3FEND Knowledge Guides to Design Better Cyber Defenses
Mapping MITRE ATT&CK with Window Event Log IDs
E-Mail Attack
How DKIM SPF & DMARC Work to Prevent Email Spoofing and…
How Email Encryption Protects Your Privacy
How To Check Malicious Phishing Links
Emotet Malware with Microsoft OneNote- How to Block emails based on…
How DMARC is used to reduce spoofed emails ?
Editors Pick
Home
Tags
Event id 4648
Tag: event id 4648
Active Directory Attack
Threat Hunting Using Windows Security Log
Anusthika Jeyashankar
-
January 6, 2025
0
Active Directory Attack
Most Common Windows Event IDs to Hunt – Mind Map
BalaGanesh
-
November 3, 2021
0
Active Directory Attack
Windows Management Instrumentation Attacks – Detection & Response
Anusthika Jeyashankar
-
November 1, 2021
0
Active Directory Attack
Threat Hunting Using Windows EventID 4648 – Logon/Logoff
BalaGanesh
-
September 28, 2021
0
