Tweets
Nate Guagenti Retweeted
Has anyone (boss, client, student, etc) ever asked you in what Windows event log can you find a process, IP address, InterfaceUuid, etc? Very helpful to identify providers that you might need to start collecting data from.
@OSSEM_Project is using online interactive #notebooks https://twitter.com/OSSEM_Project/status/1223299303734759426 …
-
Nate Guagenti Retweeted
Was testing out Elastic 7.5.2. Not sure when a change was made to the behavior of fields that consist of arrays of keywords (like process.args)... This change 'breaks' a lot of the anticipated behaviors from previous versions for fields like process.args.
-
Nate Guagenti Retweeted
We are looking forward to @Cyb3rWard0g keynoting our blue team track this year! #infosec #misec
-
Prepped the ingredients, at my brother’s @quadfours_kin, for the other sauce I cook when I am not cooking something for @THE_HELK. Slow cook for 6hrs+ and add some of the 60lbs of sausage we made pic.twitter.com/TVQvOfKbSi
-
Pumped to start with @SOC_Prime next week. Looking forward to getting back to SIGMA & threat hunting content, large scale NSM & database architectures, and rejoining w/ my Windows Logs Zero 2 Hero cohort @acalarch. A lot more to come
-
Excited to see what this panel will involve. Industry could continue to use more realism https://twitter.com/BSidesColumbus/status/1220343834023997441 …
-
Nate Guagenti Retweeted
If anybody needs help with this, here are some good GPOs to get started. https://github.com/defendthehoneypot … https://twitter.com/cglyer/status/1182037195047260160 …
-
Nate Guagenti Retweeted
You or someone you know is looking for a threat hunting position? We’re hiring. Find badness on #AWS, use and develop on #Elastic, share open-source, unlimited conferences, and work remotely with a kickass home setup! DMs are open if you want to know more #infosecjobs
-
Nate Guagenti Retweeted
How do you integrate @ProjectJupyter #notebooks with the #sigma project? How do you convert 300+ rules to @elastic ES query strings & pack them as part of notebooks to query ES? All from code. I wrote about it here! Weekend readings!
#threathunting https://medium.com/threat-hunters-forge/jupyter-notebooks-from-sigma-rules-%EF%B8%8F-to-query-elasticsearch-31a74cc59b99 …
-
This is your future self... I wanted to let you know that since you were normalizing IDS, IPS, firewall, sysmon, and bro/zeek data into common fields for pivoting & schema..... that 5+ years from now that's all you will still be doing. Good luck buddy
-
Nate Guagenti Retweeted
@SwiftOnSecurity Any idea if there is a public backlog / roadmap for #sysmon? Would love to see how close we are to getting Community ID support (#Zeek & #Suricata correlation!) https://github.com/MicrosoftDocs/sysinternals/issues/219 …
-
Nate Guagenti Retweeted
Excellent introduction to the implementation of Windows Event Logs and why they can be missing critical information. Michael Cohen includes an open source Velociraptor parser as a solution. https://buff.ly/2OcvvqP https://buff.ly/37rDist pic.twitter.com/9z3HurxNe5
-
Nate Guagenti Retweeted
Released a new project, a dockerized ELK environment filled with security datasets: • Mordor from @Cyb3rWard0g • EVTX-ATTACK-SAMPLES from @SBousseaden https://github.com/thomaspatzke/elk-detection-lab … pic.twitter.com/aXkrT7H8pM
-
Nate Guagenti Retweeted
OSCD: Threat Detection Sprint #1 Summary has been published. Thanks to all the participants and those who helped with it! Merry Christmas and Happy New Year!
#ThreatIntel #ThreatHunting #ThreatDetection #BlueTeam https://medium.com/oscd/oscd-threat-detection-sprint-1-c42317e06771?sk=56a7f36224e4ccb5fcf5ca1f285c489d … pic.twitter.com/ikor7bKjwg
-
Nate Guagenti Retweeted
For my reverse engineering friends, patching a binary might be easy. But if you are starting, it can be challenging. Here is a post I wrote on how to patch a binary using radare2. It also shows the same task using vim and xxd. https://rderik.com/blog/using-radare2-to-patch-a-binary/ …
-
Nate Guagenti Retweeted
Now that you're cooking with gas and you want moar, check out Sigma rules by @cyb3rops & @blubbfiction
https://github.com/Neo23x0/sigma
-
Nate Guagenti Retweeted
God Mode Sigma Rule v0.1
A proof-of-concept with my TOP 3 search queries
Merry Christmas and happy hunting
https://gist.github.com/Neo23x0/811db09add59068a7a80273d7e5f6e0f … pic.twitter.com/vf5rdgs70U