Home
Active Directory Attack
Network Attack
SIEM
TOOLS
IOC
Mitre Att&ck
E-Mail Attack
Search
Saturday, May 21, 2022, 5:41 pm
Live IOC
Latest Cyber Security News
New CVE’s
Ransomware CVE ID
AbuseIPDB
Phishing Domain Search
Sucuri Web Malware
Urlabuse
WebPage Historic Checks
Sign in
Welcome! Log into your account
your username
your password
Forgot your password? Get help
Privacy Policy
Password recovery
Recover your password
your email
A password will be e-mailed to you.
Security Investigation
Home
Active Directory Attack
Microsoft Notified Blueteam to Monitor Sqlps.exe and Powershell
Sysmon Event ID 13 to Detect Malicious Password-Protected File unlock and…
Windows Event ID 5379 to Detect Malicious Password-Protected File unlock
How FIDO Makes Passwordless Authentication Works
Time to re-evaluate your 2FA setup on Microsoft networks
Network Attack
What is Port Forwarding and the Security Risks?
CVE-2021-4034 – Polkit Vulnerability Exploit Detection
DNSSEC – Domain Name System Security Extensions Explained
Detect Most Common Malicious Actions in the Linux Environment
How DNS Tunneling works – Detection & Response
SIEM
Microsoft Cloud App Security Anomaly Detection Policies
Ngrok Threat Hunting: Detect Hackers at the End of the Tunnel
Ransomware: How Attackers are Breaching Corporate Networks
Microsoft Defender for Cloud App Security
How a Zero Day Exploit Works? Attack Timeline and Defense Techniques
TOOLS
Free Ransomware Decryption tool -No More Ransom
How to Remove Database Malware from Your Website
Most Common Malware Obfuscation Techniques
Web Malware Removal | How to Remove Malware From Your Website?
What is a WAF? | Web Application Firewall Explained
IOC
Threat Actors Take Over Unpatched VMware Vulnerabilities to Full System Control
Threat Actors Abuse Microsoft’s HTML help file to Deliver Malware
Cyber Actors Steal Credit Card Data from the US Business
Ukraine CERT-UA Reports a phishing campaign conducted by Armageddon APT
Detecting and Preventing F5 Big-IP Critical Vulnerability – CVE-2022-1388
Mitre Att&ck
Mapping MITRE ATT&CK with Window Event Log IDs
Advance Mitre Threat Mapping – Attack Navigator & TRAM Tools
What is the MITRE ATT&CK Framework? How Is It Useful
What is Crown Jewels Analysis ? Part:01
Red canary AtomicTest Harnesses – Tool for Mitre attack Execution
E-Mail Attack
Google SMTP Relay Abused to Deliver Phishing Emails
Email Header Analysis – Use Cases Including SPF, DKIM & DMARC
Proxyshell Vulnerability – Large Exploitation of Microsoft Exchange Servers
How DKIM SPF & DMARC Work to Prevent Email Spoofing and…
Cooking Malicious Phishing Email Headers with CyberChef
Home
Tags
Windows event logs
Tag: windows event logs
Windows Management Instrumentation Attacks – Detection & Response
Anusthika Jeyashankar
-
November 1, 2021
0
Directory Services Restore Mode Password Reset – Event IDs to Monitor
Anusthika Jeyashankar
-
October 25, 2021
0
Lateral Movement Detection with Windows Event Logs
BalaGanesh
-
October 20, 2021
0
Logon Tracer – Investigate & Visualize Malicious Windows Logon
Harisuthan
-
October 6, 2021
0
Threat Hunting Using Windows EventID 4648 – Logon/Logoff
BalaGanesh
-
September 28, 2021
0
Top Windows Security Events Logs You Must Monitor
BalaGanesh
-
January 5, 2021
0
Recent Posts
Microsoft Notified Blueteam to Monitor Sqlps.exe and Powershell
May 19, 2022
Sysmon Event ID 13 to Detect Malicious Password-Protected File unlock and...
May 12, 2022
Windows Event ID 5379 to Detect Malicious Password-Protected File unlock
May 10, 2022
How FIDO Makes Passwordless Authentication Works
May 9, 2022
Time to re-evaluate your 2FA setup on Microsoft networks
May 5, 2022
Load more
