Sysmon 11.0 released: Spot hidden tracks even better
In the past I wrote a blog post about Process Explorer to find hidden threats on potentially compromised systems. As … More Sysmon 11.0 released: Spot hidden tracks even better
Wireshark is a very useful tool for network troubleshooting, but also for Blue (discover attacks) and Red (sniff secrets) security … More Reading encrypted network traffic & why connection coalescing, session resumption and perfect forward secrecy help
ARP – the address resolution protocol – is responsible for translating IP addresses into MAC addresses. If your system wants … More Run ARP poisoning attacks with Metasploit and detect them with Wireshark
In the previous post I explained how to set up your Alfa WiFi adapter to perform security tests on your … More Easy steps for testing your WEP/WPA WiFi with aircrack-ng
For people in IT security who want to perform penetration testing on wireless networks, it is important to have a … More Get Alfa AWUS036ACH USB NIC running on Kali VM to attack wireless networks
People in IT security will most likely need to work and test with different operating systems, versions and software. Nowadays … More Understanding VirtualBox networking schemes to set up a good and safe lab
The Sysinternals suite is a toolkit that can be downloaded for free from the Microsoft website. Really all of the … More Threa[d|t] Analysis with Process Explorer
There are countless ways to harden your operating system. I’m planning to post some recommendations from time to time how … More Deny automatic NTLM authentication to avoid hash stealing
The new version of the Mitre Att&Ck framework contains sub-techniques, which makes classification even more precise and allows implementing … More New version of Mitre Att&Ck framework
Update 29/10/2020: A blog reader raised awareness that the format of the X-Force Exchange STIX export had slightly changed. The … More STIX 2.0 IoC export with Python