Detection

Blue Team (Sort Of)

In this section I will do some hunting, cover OpSec techniques you should take into consideration, look at what is actually being executed, and use some great tools to monitor our processes and dissect our attacks. The goal is to see what a defender sees, what a forensic examiner may be able to find, and the common things to search for when one of our techniques is executed.

Some of the tools I will rely on heavily (all open source and free!!):

  • Sysinternals

  • Process Hacker 2

  • DeepBlueCLI

  • Prefetch

  • Wireshark

Something to be wary of: a few of these tools need to be running before a breach happens (Sysmon and Wireshark), because they only record what occurs while they are active and cannot reconstruct events from before they were started.
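Because Sysmon only captures what happens while it is loaded, it is worth verifying before any testing that it is actually installed, running and writing events. The following PowerShell check is an added example and is not part of the original notes; it assumes a default Sysmon install (service named `Sysmon` or `Sysmon64`) and the standard event channel `Microsoft-Windows-Sysmon/Operational`. The `Test-SysmonReady` function name and the `MaxQuietMinutes` threshold are choices made for this example.

```powershell
# Added example (not from the original page): confirm Sysmon is installed,
# running, and has written an event recently, so a test window is covered.
# Assumptions: default service names "Sysmon" / "Sysmon64" and the default
# log channel "Microsoft-Windows-Sysmon/Operational".

function Test-SysmonReady {
    [CmdletBinding()]
    param(
        # How many minutes of silence in the Sysmon log we still treat as healthy
        # (on a busy host Sysmon normally logs process creations constantly)
        [int]$MaxQuietMinutes = 10
    )

    $result = [ordered]@{
        ServiceFound   = $false
        ServiceRunning = $false
        LogPresent     = $false
        LastEventTime  = $null
        Ready          = $false
    }

    # Sysmon registers as "Sysmon" (32-bit binary) or "Sysmon64" (64-bit binary);
    # SilentlyContinue keeps a missing name from raising an error.
    $svc = Get-Service -Name 'Sysmon', 'Sysmon64' -ErrorAction SilentlyContinue |
           Select-Object -First 1
    if ($svc) {
        $result.ServiceFound   = $true
        $result.ServiceRunning = ($svc.Status -eq 'Running')
    }

    # Check that the event channel exists and when it last received an event.
    $channel = 'Microsoft-Windows-Sysmon/Operational'
    $log = Get-WinEvent -ListLog $channel -ErrorAction SilentlyContinue
    if ($log) {
        $result.LogPresent = $true
        $last = Get-WinEvent -LogName $channel -MaxEvents 1 -ErrorAction SilentlyContinue
        if ($last) { $result.LastEventTime = $last.TimeCreated }
    }

    # "Ready" means: service running, channel present, and an event written
    # within the quiet-time threshold (a stale log usually means a broken config).
    $fresh = $false
    if ($result.LastEventTime) {
        $age = ((Get-Date) - $result.LastEventTime).TotalMinutes
        $fresh = ($age -le $MaxQuietMinutes)
    }
    $result.Ready = $result.ServiceRunning -and $result.LogPresent -and $fresh

    [pscustomobject]$result
}

# Usage: run from an elevated prompt. Ready = True means Sysmon is capturing now;
# anything else should be fixed before starting the exercise.
Test-SysmonReady | Format-List
```

Reading the Sysmon operational channel requires administrator rights, so a non-elevated run will report `LogPresent = False` even on a healthy host; treat that as "check again elevated" rather than "Sysmon is missing". Wireshark has the same limitation described above (it only sees traffic while a capture is open), so start that capture before the exercise as well.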