
Remote Desktop Incident Response

It happened again: EC2 Abuse let you know you have a potentially compromised EC2 Windows instance. You get into the account and there it...

SEC504 - Mentor-Class through SANS

Just wrapped up my first swipe at teaching my first SANS course and I thought I'd share my experience for anybody else out there who may...

sinkhole - it's easier than you think

The longer I do this the more I come around to using simpler and simpler tools. Yes, learning GOLANG, Kubernetes, Docker, AI,...

Detecting DCSHADOW

I was lucky enough to get my ticket early to BSIDES AUSTIN this year and being the life of an Incident Handler I had to duck out of a few...

Keep an Eye on Your DNS Records

DNS Hijacking, Cache poisoning, and a host of other issues are a continued concern when it comes to internet hygiene. Amid the government...

UserAgentBruteForce

After taking FOR610 and taking the GREM I decided to try and write a tool or two that could be utilized for Malware Analysis. Some...

Incident Response Enables Innovation

Draconian security controls, processes, and policies are stillborn or will be in the near future. It will go the way of on-premise...

Intrusion Detection Using PowerShell

1. Introduction 1.2 Microsoft in the late 90s and at the turn of the millennium was not held in high regard as it pertains to security....

Threat Rigidity in Cyber Security

Fear, Uncertainty and Doubt (FUD) works as an influence strategy by amateur cybersecurity professionals over an organization, and as a...

Welcome to packetaddict.com!

Infosec, packets, technology and knowledge - all part of packetaddict.com. Here we want to share knowledge and ensure that other...