Threat Hunting Tutorial - Day 3: Hunt for LOLBAS in Splunk, Intezer

Science and technology

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.
👉Sign up Today- analyze.intezer.com/ if you want to Hunt for your Org Threats in an efficient way! It's Free!!
After sneaking in, an attacker can stealthily remain in a network for months as they quietly collect data, look for confidential material, or obtain login credentials that will allow them to move laterally across the environment.
Once an adversary is successful in evading detection and an attack has penetrated an organization’s defenses, many organizations lack the advanced detection capabilities needed to stop the advanced persistent threats from remaining in the network. That’s why threat hunting is an essential component of any defense strategy.
Today is Day 3 of the Threat Hunting Tutorial, and today we will cover:
1. Living Off The Land (LOLBAS) techniques: what they are and why they matter
2. How to detect them
3. How to hunt for LOLBAS in Splunk and Intezer
🛠Tools required:
-------------------------------------------------------------------------------------------------------------------------
1. Intezer- analyze.intezer.com/
2. LolBas Project- lolbas-project.github.io/
3. Splunk Repo- research.splunk.com/stories/l...
4. Atomic Red Team- github.com/redcanaryco/atomic...
WATCH BELOW Playlists as well, if you want to make your career in DFIR and Security Operations!!
-------------------------------------------------------------------------------------------------------------------------
INCIDENT RESPONSE TRAINING Full Course 👉 • BlackPerl DFIR || INC...
DFIR Free Tools and Techniques 👉 • BlackPerl DFIR || DFIR...
Windows and Memory Forensics 👉 • BlackPerl DFIR || Wind...
Malware Analysis 👉 • BlackPerl DFIR || Malw...
SIEM Tutorial 👉 • BlackPerl DFIR || Lear...
Threat Hunt & Threat Intelligence 👉 • BlackPerl DFIR || Thre...

Timelines
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Introduction
0:32 ⏩ What is LOL?
1:13 ⏩ See LOL in theory
4:35 ⏩ Overview of LOLBAS
07:39 ⏩ Intro to Atomic Red Team
09:48 ⏩ Run Simulation using Atomic Red Team
12:35 ⏩ Hunt in Splunk
17:46 ⏩ Hunt in Intezer
23:08 ⏩ Summarize
📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ LinkedIn: / blackperl
✔ You can reach out to me personally in LinkedIn as well- bit.ly/38ze4L5
✔ Twitter: @blackperl_dfir
✔ Git: github.com/archanchoudhury
✔ Insta: (blackperl_dfir) / blackperl_dfir
✔ Can be reached via archan.fiem.it@gmail.com

Comments: 17

  • @anishdash2084
    2 years ago

    Excellent content! Thanks for your hard work and commitment.

  • @BlackPerl
    2 years ago

    Thanks for watching

  • @fam-jam4531
    2 years ago

    Amazing, thanks for sharing the information.

  • @BlackPerl
    2 years ago

    I'm glad you liked it

  • @farismazlan5157
    2 years ago

    Awesome!

  • @vikasd3853
    11 months ago

    The session is amazing. Just curious to know how you're executing TTPs in PowerShell; are you downloading all LOLBAS onto your local machine?

  • @faresshaker7765
    2 years ago

    Thank you. I found on a PC in the network, in the Windows restoration configuration, the two partitions C: and D: and a folder without a name, with two backslashes and then numbers and letters. Could this folder be malware?

  • @BlackPerl
    2 years ago

    Yes, could be.


  • @shreyaninfosolutions938
    2 years ago

    Bro, do you have any live courses?

  • @BlackPerl
    2 years ago

    You meant training sessions outside YT?

  • @muralimohan4938
    2 years ago

    Hi, are you using the Intezer premium version?

  • @BlackPerl
    2 years ago

    Yes, I am.

  • @muralimohan4938
    2 years ago

    @BlackPerl How much does it cost?

  • @BlackPerl
    2 years ago

    @muralimohan4938 I got it from their org for my research work. Not sure about the cost though.

  • @muralimohan4938
    2 years ago

    @BlackPerl Kindly check your Yahoo mailbox.

  • @BlackPerl
    2 years ago

    @muralimohan4938 Ok. Will check tonight. That account is not monitored now; feel free to send to my Gmail going forward.
