Today, I release CB Bot! CB Bot is a threat hunting and incident response web application framework to use with Carbon Black (CB) Defense. Not only will you be able to run commands
In Part I of this series, we talked a bit about AWS fundamentals and how to leverage exposed EC2 instances and AWS metadata to do whatever you want (of course, given proper permissions
It's been a while since I last wrote a blog post. I've been busy building cool stuff and hunting for evil, so now I'm back to writing blog posts. For a while, I have had folks ask me about RDP Bitmap Cache, so I decided to write one about it.
In this blog post, I will be covering a very interesting artifact found in the Windows registry, which indicates whenever an executable (i.e. legitimate and illegitimate) attempted to establish a network connection to download files for the first time.