MIMIKATZ DETECTION |
2015-02-10 | Mark Baggett | Detecting Mimikatz Use On Your Network |
MIMIKATZ |
2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper |
2017-05-03 | Bojan Zdrnja | Powershelling with exploits |
2015-12-14 | Russ McRee | AD Security's Unofficial Guide to Mimikatz & Command Reference |
2015-02-10 | Mark Baggett | Detecting Mimikatz Use On Your Network |
DETECTION |
2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners |
2021-04-02 | Xavier Mertens | C2 Activity: Sandboxes or Real Victims? |
2020-11-20 | Xavier Mertens | Malicious Python Code and LittleSnitch Detection |
2017-12-14 | Russ McRee | Detection Lab: Visibility & Introspection for Defenders |
2017-06-17 | Guy Bruneau | Mapping Use Cases to Logs. Which Logs are the Most Important to Collect? |
2016-08-29 | Russ McRee | Recommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs |
2015-02-10 | Mark Baggett | Detecting Mimikatz Use On Your Network |
2014-09-27 | Guy Bruneau | What has Bash and Heartbleed Taught Us? |
2013-12-16 | Tom Webb | The case of Minerd |
2013-08-19 | Johannes Ullrich | Running Snort on ESXi using the Distributed Switch |
2012-09-02 | Lorna Hutcheson | Demonstrating the value of your Intrusion Detection Program and Analysts |
2012-08-16 | Johannes Ullrich | A Poor Man's DNS Anomaly Detection Script |
2008-11-16 | Maarten Van Horenbeeck | Detection of Trojan control channels |