Grégory LUCAND

@Greg_Lucand

Architecte Sécurité Microsoft

adds-security.blogspot.fr
Joined April 2012
8 Photos and videos Photos and videos

Tweets

You blocked @Greg_Lucand

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @Greg_Lucand

  1. Retweeted
    Dec 22

    AppLocker case study blogposts so far. More to come! AppLocker study 1 - AppLocker study 2 - Hardening based on study 1 - Hardening based on study 2 -

    7 replies 170 retweets 320 likes
  2. Retweeted
    Dec 22

    L'application du moindre privilège est indispensable pour limiter la surface d’attaque d'un et sa vulnérabilité. Retrouvez le nouveau guide de recommandation pour la mise en place de système 🆕

    1 reply 123 retweets 92 likes
  3. Retweeted
    Dec 20

    It's official, I'll present with as guest the new DCShadow attack (how to transform a workstation into a DC) at Wednesday, Jan 24 | 12:45-13:30 PM, Tel Aviv

    12 replies 31 retweets 88 likes
  4. Retweeted
    Dec 19

    Two novel studies by our researchers on enhancing redteaming tools and exercises, 1st time presented this year at conference Both proposals have been already tested exercises

    14 retweets 13 likes
  5. Retweeted
    Dec 7

    Sysinternals Sysmon suspicious activity guide

    14 retweets 12 likes
  6. Retweeted
    Dec 4

    From the "technical blog posts that I wish would have existed when I was a sysadmin" department, new deep-dive post on AskDS:

    6 retweets 12 likes
  7. Retweeted
    Nov 30

    LogonTracer: Investigate malicious Windows logon by visualizing and analyzing Windows event log

    6 replies 440 retweets 746 likes
  8. Retweeted
    Nov 29

    CALDERA has been released! We will be presenting the work at next week.

    10 replies 301 retweets 381 likes
  9. Retweeted
    Nov 22

    interception localisation traduction analyse diffusion📡 Le renseignement a rôle crucial dans la guerre. Retour sur avec le

    De l'émetteur au terrain en passant par nos spécialistes transmissions
    La recherche, l’exploitation et la diffusion du renseignement sont des arts difficiles. Quelle que soit l’avancée de ses moyens, il repose sur une activité humaine exigeante en compétences & qualités.
    5 replies 61 retweets 95 likes
  10. Retweeted
    Nov 20

    Added a new blog post showing a few alternative methods of grabbing SYSTEM access, hopefully useful if "getsystem" isn't an option

    3 replies 272 retweets 428 likes
  11. Retweeted
    Nov 16

    On the Full Language Mode, you can do whatever you want. Here is just another example, which kills Script Block Logging. No protection works perfect, so know attackers as much as possible (and defense options like the Constrained Language Mode)

    2 replies 73 retweets 124 likes
    Show this thread
    Show this thread
  12. Retweeted
    Nov 13

    Défis n°8 est paru. La revue du département Intelligence et sécurité économique de est consacrée pour cette édition à l’entreprise à l’heure de l’intelligence artificielle. Elle est disponible gratuitement en téléchargement:

    16 retweets 15 likes
  13. Retweeted
    Nov 10

    The slide deck from my presentation at COUNTERMEASURE today, where I talked about a set of analytical models I've created that you can use to reduce the uncertainty when deciding on response strategies to "APT intrusions".

    4 replies 61 retweets 105 likes
    Show this thread
    Show this thread
  14. Retweeted
    Nov 5

    Intro to spoofing: Attack, detection & Mitigation

    2 retweets 4 likes
  15. Retweeted
    Nov 4

    Great post on DFIR considerations: "Chasing Adversaries with Autoruns – evading techniques and countermeasures"

    114 retweets 201 likes
  16. Retweeted
    Oct 29

    A quick review of all the Techniques. I can quickly map 32 techniques killed by deploying Whitelisting.

    5 replies 158 retweets 343 likes
  17. Retweeted
    Oct 23

    What's coming in the next version of the free ILSpy decompiler for .NET apps ( )

    8 retweets 5 likes
  18. Retweeted
    Oct 20

    TA17-293A: Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

    3 replies 496 retweets 337 likes
  19. Retweeted
    Oct 19

    Canadian SIGINT agency is releasing its Automated Malware Analysis Framework

    1 reply 56 retweets 83 likes
    Show this thread
    Show this thread
  20. Retweeted
    Oct 14

    Discover any "ACL Hidden" objects used for persistency cc

    2 replies 101 retweets 130 likes

@Greg_Lucand hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·