A Beginner's All-Inclusive Guide to ETW
An all-inclusive guide to ETW, from what it is to how we can use it.
Extracting Cobalt Strike from Windows Error Reporting
Windows Error Reporting is an extremely useful but underutilised artifact. This entry goes into how we can extract malware from the Windows Error Reporting process dumps.
Cobalt Strike DFIR: Listening to the Pipes
A lot of work has been done on the naming schemes of Cobalt Strike Named Pipes, but how do we take our analysis to the next step?
Over Engineering a Cookie: Part 1
A quick break from Cyber Security to focus on something just as important, World Cookie Domination!
W3WProtect – A look into preventing IIS Exploitation
A look into how Kernel Drivers can better protect IIS against exploitation.