You are browsing the archive for Compromise Detection.

← Previous Entries
Next Entries →

Yet another secret of hosts file

February 18, 2021 in Anti-*, Anti-Forensics, Archaeology, Compromise Detection

In my old post I mentioned not a very well known hosts.ics file. Today I cover one more secret that I stumbled upon while digging inside DNS API internals. Turns […]

Comments Off on Yet another secret of hosts file

Hiding process creation and cmd line with a long com…

March 29, 2020 in Anti-Forensics, Compromise Detection, EDR

How long is the command line buffer? Depends on a program… How much of command line do Sysmon, 4688 events log? A finite amount. ‘Depends’ minus ‘finite’ == opportunity. Re-visiting […]

Comments Off on Hiding process creation and cmd line with a long com…

← Previous Entries
Next Entries →