Skip to content
DFIR Breakdown: Impacket Remote Execution Activity – atexec
August 29, 2024
Start Reading
DFIR Next Steps: What To Do After You Find a Suspicious Use Of curl.exe
August 19, 2024
Start Reading
DFIR Next Steps: What To Do After You Find a Suspicious Use Of certutil.exe
August 7, 2024
Start Reading
DFIR Breakdown: Using Certutil To Download Attack Tools
July 24, 2024
Start Reading
Access More! BitLocker, new File Explorer, and Export All Files (3.11 release)
June 24, 2024
Start Reading
Intro to ImpHash for DFIR: “Fuzzy” Malware Matching
June 10, 2024
Start Reading
DFIR Artifacts for a Trojan Defense and Remote Access
June 4, 2024
Start Reading
Collecting Linux DFIR Artifacts with UAC
May 23, 2024
Start Reading
How To DFIR Investigate with Cyber Triage and CrowdStrike Real Time Response
May 14, 2024
Start Reading
Adaptive vs Static File Collections for DFIR
May 8, 2024
Start Reading