Severins kleine Cyber Seite

You are never too old for a phishing email!

Category: Gefundenes

Sysmon Tools

On March 17, 2022 By Severin Winkler In Gefundenes

Sysmon View helps in tracking and visualizing Sysmon logs by logically grouping and correlating the various Sysmon events together, using existing events data, such as executables names, session GUIDs, event creation time, etc., the tool …

Secrets of Successful Security Programs – Part 1

On March 7, 2022 By Severin Winkler In Gefundenes

If you just do the first, then the success that those improvements bring tapers off, or is just a patchwork of bright spots against a backdrop of issues and instability. If you just …

Blockchain + SSI = ID?

On October 29, 2021 By Severin Winkler In Gefundenes

The current trend proclaims Self-Sovereign Identities (SSI) on blockchains / Distributed Ledger Technologies (DLT) for all German citizens, and in future even for all EU citizens. https://medium.com/@ckahlo/blockchain-ssi-id-d7e51d98d050

Microsoft 365 Licensing

On September 23, 2021 By Severin Winkler In Gefundenes

Microsoft 365 Licensing, by Aaron Dinnage, June 2021: https://m365maps.com/

Antivirus Event Analysis Cheat Sheet v1.8.2

On September 3, 2021 By Severin Winkler In Gefundenes

The analysis of Antivirus events can be a tedious task in big organizations with hundreds of events per day. Usually security teams fall back to a mode of operation in which they only analyze events …

Azure AD. Attack of the Default Config

On August 30, 2021 By Severin Winkler In Gefundenes

Uncloaking dangerous and default configurations within Azure. There are several default configurations within the admin portal of Azure. The main affected area is Azure Active Directory (Azure AD) which is the primary area that controls …

Cobalt Strike, a Defender’s Guide

On August 30, 2021 By Severin Winkler In Gefundenes

The Ryuk threat actors went from a phishing email to domain-wide ransomware in 5 hours. They escalated privileges using Zerologon (CVE-2020-1472), less than 2 hours after the initial … https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/

Security Scorecards

On July 12, 2021 By Severin Winkler In Gefundenes

A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk “You passed! All D’s … and an A!” Automate analysis and trust decisions on the security posture of open source projects. https://github.com/ossf/scorecard

Forensic analysis of Windows 10 compressed memory using Volatility

On June 13, 2021 By Severin Winkler In Gefundenes

Memory analysis on Windows 10 is pretty different from previous Windows versions: a new feature, called Memory Compression, makes a forensic tool able to read compressed memory pages necessary. https://www.andreafortuna.org/2019/08/01/forensic-analysis-of-windows-10-compressed-memory-using-volatility/

Autotimeliner to CyberChef to Timesketch

On June 13, 2021 By Severin Winkler In Gefundenes

As you might know, I love to combine several OpenSource tools to get things done. One thing I have wanted to play with for some weeks is Autotimeliner by Andrea Fortuna. This tool is made to extract events …
