Posts
-
Data Exfiltration in M365: Rclone Meets SharePoint
A Business Email Compromise can lead to data exfiltration from the entire SharePoint.
-
Everything Felt Wrong: The Value of Home Labs
A home lab offers the freedom to experiment and make mistakes without real-world consequences. Yet, a home lab does not need to be fancy to be effective.
-
Parse Unified Audit Logs (PUAL)
Use Parse Unified Audit Logs (PUAL) to improve the process of investigating Unified Audit Logs.
-
Prefetch Files: Identifying Files Targeted by Data Extraction, Staging and Exfiltration
Prefetch files provide significant value to a forensic investigation and may assist in identifying files targeted as part of data extraction, staging and exfiltration.
-
Onsite Madness: A Barebones DFIR Kit
A DFIR kit that includes the barebones tools to get out of most scenarios without breaking the bank.
-
Should Organisations Crack Their Own Passwords?
Passwords play a large part in how Threat Actors gain access to a compromised organisation's environment. Should organisations crack their own passwords to improve security?
-
The Case of Lost Files - VSS and KAPE
Ensure Volume Shadow Copies are enabled. KAPE can be used to collect the files within them.
-
Decision Making in Cyber Security: Are You Suspicious?
Making solid decisions is crucial in cyber security and a poor decision can lead to serious consequences.
-
The Non-Technical: Report Writing
Improving technical writing to raise the quality of the final deliverable, which in most cases is a report.
-
Directory Tree to Folder Paths
A script to convert a directory tree to folder paths. Work in progress.