Hi there, I'm Hasan. I'm currently working as a Security Engineer at Ebryx. It's my personal blog to reflect back on whatever knowledge I've gathered!
It’s unfortunate that the Windows Command Prompt, the descendant of the prehistoric command.com from MS-DOS, has no persistent storage of command execution. It does, however, support temporary storage of commands...
In this episode of “Uncovering Attacks”, let’s explore ‘Cross-site Scripting’, which commonly goes by its acronym, ‘XSS’. Cross-site scripting is a web security vulnerability or injection attack in which...
As a defender, having sound knowledge of how actors operate and the techniques they utilize is important. This should give us an idea about the path the attacker must’ve followed...
What are DLLs? Dynamic-link Libraries (DLLs) are Microsoft’s implementation of shared code on the Windows Operating System. By means of modularizing code into smaller segments and individual files, Windows applications...
In the previous article, I talked about the WTSEnumerateProcessesEx API call to enumerate processes on a local machine via the Windows Terminal (RDS) service. Today, we’ll go over a few...
Let’s continue our series on Windows API Calls and today, we’ll be discussing some of the many methods Windows provides to enumerate the processes on a system. Process Enumeration Why...
Windows API, in short, the WinAPI, is a set of functions and procedures, which can abstract much of the tasks you perform everyday on the Windows OS. The Application Programming...
LimaCharlie is an endpoint security platform which was developed by ‘Refraction Point’, a group of cyber-security experts. Its key module serves the capabilities of an Endpoint Detection and Response...
‘osquery’ is an open-source tool which can be used to audit an operating system and all its configurations as an SQL-based relational database. It does so by exposing the OS,...
Maintaining foothold is one of the key objectives of an adversary. Detecting that foothold is one of your key objectives as a forensicator! A few techniques which these adversaries for...
Let’s continue with our series on a Defender’s Toolkit. Today, we’re going to discuss Regular Expressions! Regular expressions (or regex) allow you to search through texts for a sequence or...
Before you get started with the deployment of QRadar in your infrastructure, you need to understand the several components it makes use of to function properly. IBM QRadar SIEM (Security...
In today’s blog, we’ll be covering a short portion of one of the most versatile tools ever built for us Forensicators - Yara! Yara is your one-stop solution to detect...
In today’s blog, we’ll be discussing the Amazon Web Services (AWS) CLI, which we can use to do an array of tasks by the help of our command line! Versions...
The documentary revolves around the NSA whistle-blower, Edward Snowden, who was accused of leaking NSA’s sensitive documents to the media in 2013. It has several moments where the actor is...
A Story of the Two Kings The Open Systems Interconnection (OSI) model is often considered to be the standard network architecture for implementing network protocols. However, to understand the model...
Hi there! We’ll be covering some interesting topics here on the blog as I cruise through my forensics pathway, learning new things and getting more certifications in the field. Feel...
This project is maintained by SyeedHasan