mthcht in Detect FYI | Event Log Manipulations - Time slipping | After reading Alex’s latest article, I’m inspired to start a detection series dedicated to Event Log manipulation techniques, with our first… | Jan 13
mthcht in Detect FYI | Threat Hunting — Suspicious Windows Service Names | Simulation and Detection | Jan 8
mthcht in Detect FYI | Threat Hunting - Suspicious User Agents | Hunting for Suspicious User Agents with Splunk | Jan 12
mthcht in Detect FYI | Detecting DNS over HTTPS | Detecting DNS over HTTPS - DoH with a SIEM - logs analysis | Nov 7, 2023
mthcht in OSINT Team | Catching My Hacker via Leaked Databases | How I got hacked and tracked the hacker with leaked databases | Oct 4, 2023
mthcht in Detect FYI | Detect DLL Hijacking techniques from HijackLibs with Splunk | Splunk detections searches | Oct 1, 2023
mthcht | The Myths and Realities of VPNs | Have you also noticed the aggressive advertising campaigns for VPN providers, promoted by social media influencers and YouTube creators … | Sep 30, 2023
mthcht in Detect FYI | How Threat Actors use Pastebin | Why is it important to monitor paste sites? detection tips | Aug 24, 2023