Are you planning on attending DEF CON 32? Check out my guide if this will be your first DEF CON. The helpful tips you need to maximize your DEF CON 32 experience.
A step-by-step guide to building a WinFE bootable live OS ISO file for Incident Response or troubleshooting.
Do you have a Data Collection Incident Response Plan? Here is a method to jump-start the process.
Learn to audit for and prevent DCSync attacks in your Active Directory environment. Most other sources miss more attack paths to DCSync abuse. Find all the DCSync attack paths; if you don’t, the Attackers will.
A walk-through for the Let’s Defend DFIR Remote Code Execution challenge. A forensic investigation with Obfuscated PowerShell, reverse shells, and web shells.
Are you planning on attending DEF CON 31? Check out my guide if this will be your first DEF CON. The helpful tips you need to maximize your DEF CON 31 experience.
Find out what you need to know to defend against the KeePass vulnerability CVE-2023-32784!
How to deobfuscate malicious PowerShell using a real-world example. Learn what you need to know now before an incident occurs!
How security hardened are your servers really? Find out the free tools and methods to ensure your environment is NIST standards hardened and compliant!
Are you looking for Client System Hardening Best Practices? Find out how you can test and improve your Windows Client environment security!