Category: Audit
-
Searching for File Locations by Name: Investigations on Windows
Intro: When it comes to cybersecurity, there are times when it becomes necessary to locate specific files on a system. This could be for an incident investigation, or as a result of a request from HR. Regardless of the reason, the ability to quickly and accurately find files is crucial for effective cybersecurity operations. Usefulness […]
-
Unconstrained Delegation: Hunting for AD Weaknesses
Intro: Unconstrained delegation is a setting in Active Directory that allows a computer to impersonate a user and perform actions on their behalf. This feature is enabled by default on domain controllers in Active Directory. Concept Explained: Imagine you have a big library with lots of books. Some of the books are really special and […]
-
Applications: Identifying Social Engineering Installations
Intro: The Windows OS maintains a repository in the registry to keep track of applications that have been installed using the Windows Installer. This database is used by various parts of the operating system to manage the installation, modification, and removal of software on the host. This information can aid incident responders in determining […]
-
Fork Bombs: Hardening Unix-Systems from Denial of Service (DoS) Attacks
Intro: A Denial-of-Service (DoS) attack is a malicious attempt to disrupt the availability of a computer, network, or website by overwhelming it with excessive traffic or resource utilization, rendering it unable to fulfill legitimate requests. Denial-of-Service (DoS) attacks come in various forms and exploit different weaknesses in a network or system to disrupt its availability. […]
-
Hunting for Hashes: Algorithm Unknown? No problem!
Intro: Hashes are a fundamental tool in technical fields. Utilizing the values of hashes has become a common practice for ensuring the integrity of data, such as verifying the authenticity of a file during transfer or detecting malicious files through hash hunting. In the realm of security operations, threat hunting for known indicators is a […]