mthcht in Detect FYI · Event Log Manipulations [1] - Time slipping · After reading Alex’s latest article, I’m inspired to start a detection series dedicated to Event Log manipulation techniques, with our first… · 15 min read · Jan 13, 2024
mthcht in Detect FYI · Threat Hunting — Suspicious Windows Service Names · Simulation and Detection · 13 min read · Jan 8, 2024
mthcht in Detect FYI · Threat Hunting - Suspicious User Agents · Hunting for Suspicious User Agents with Splunk · 14 min read · Jan 1, 2024
mthcht in Detect FYI · Detecting DNS over HTTPS · Detecting DNS over HTTPS - DoH with a SIEM - logs analysis · 8 min read · Nov 7, 2023
mthcht in OSINT TEAM · Catching My Hacker via Leaked Databases · How I got hacked and tracked the hacker with leaked databases · 8 min read · Oct 4, 2023
mthcht in Detect FYI · Detect DLL Hijacking techniques from HijackLibs with Splunk · Splunk detections searches · 6 min read · Oct 1, 2023
mthcht · The Myths and Realities of VPNs · Have you also noticed the aggressive advertising campaigns for VPN providers, promoted by social media influencers and YouTube creators … · 4 min read · Sep 30, 2023
mthcht in Detect FYI · How Threat Actors use Pastebin · Why is it important to monitor paste sites? detection tips · 3 min read · Aug 24, 2023
mthcht · LOLBAS Detection Serie [2] — Mspub.exe + ProtocolHandler.exe + MsoHtmEd.exe · The LOLBAS series: https://medium.com/@mthcht/list/lolbas-843ba9de6810 · 5 min read · Aug 23, 2023