7MS #646: Baby's First Incident Response with Velociraptor
7 Minute Security18 Okt 2024

7MS #646: Baby's First Incident Response with Velociraptor

Hey friends, today I'm putting my blue hat on and dipping my toes in incident response by way of playing with Velociraptor, a very cool (and free!) tool to find evil in your environment. Perhaps even better than the price tag, Velociraptor runs as a single binary you can deploy to spin up a server and then request endpoints to "phone home" to you by way of GPO scheduled task. The things I talk about in this episode and show in the YouTube stream are all based off of this awesome presentation from Eric Capuano, who also was kind enough to publish a handout to accompany the presentation. And on a personal note, I wanted to share that Velociraptor has got me interested in jumping face first into some tough APT labs provided by XINTRA. More to come on XINTRA's offering, but so far I'm very impressed!

Avsnitt(715)

7MS #67: Wifi Sniffing is Fun-Part 2 (audio)

7MS #67: Wifi Sniffing is Fun-Part 2 (audio)

This is a follow-up to episode #64, in which I did some fun wireless sniffing and tried to find sensitive data within it! In the episode I talk about the network "map" of my sniffing setup. It looks l...

9 Juni 20157min

7MS #66: I'm Excited to Go Phishing – Part 2 (audio)

7MS #66: I'm Excited to Go Phishing – Part 2 (audio)

This is a follow-up to episode #63, discussing the results of a fun phishing campaign I recently completed. 7MS #66: I'm Excited to Go Phishing – Part 2 (audio)

4 Juni 20158min

7MS #65: OFFTOPIC-Still Alice (audio)

7MS #65: OFFTOPIC-Still Alice (audio)

Warning, this episode is off topic and has NOTHING to do with infosec! Nope! Instead, it's a review of the movie Still Alice. Yep. That happened. 7MS #65: OFFTOPIC-Still Alice (audio)

3 Juni 20157min

7MS #64: Wifi Sniffing is Fun-Part 1 (audio)

7MS #64: Wifi Sniffing is Fun-Part 1 (audio)

I got a fun project involving wireless sniffing, followed up by scraping through packets looking for credit card data! Here's part 1, which talks about about software/hardware you might need to do thi...

28 Maj 20157min

7MS #63: I'm Excited to Go Phishing (audio)

7MS #63: I'm Excited to Go Phishing (audio)

This week I'll be launching a phishing campaign against an organization that has been well trained to defend against such malicious attacks and links! Will this organization break my company's 100% su...

21 Maj 20157min

7MS #62: You Should Run LAPS (audio)

7MS #62: You Should Run LAPS (audio)

I'm excited about this! Microsoft has released a tool called Local Administrator Password Solution to help administrators manage local admin credentials for domain-joined machines. Check out this arti...

19 Maj 20157min

7MS #61: Why Local Admin Rights Suck (audio)

7MS #61: Why Local Admin Rights Suck (audio)

Users running as local admins on their machine are a big risk! This episode discusses some reasons why, and also here is the link to the Avecto study I mention regarding how many Microsoft vulnerabili...

14 Maj 20158min

7MS #60: How Not to Suck at Customer Service (audio)

7MS #60: How Not to Suck at Customer Service (audio)

This episode was inspired by two awesome customer service experiences I had in the past week. It got me thinking: how can we as infosec professionals suck less with our customer service approach? 7MS ...

12 Maj 20158min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
aftonbladet-krim
fordomspodden
spar
flashback-forever
motiv
aftonbladet-daily
rss-vad-fan-hande
rss-sanning-konsekvens
krimmagasinet
rss-krimreportrarna
rss-klubbland-en-podd-mest-om-frolunda
sydsvenskan-dok
rss-aftonbladet-krim
politiken
blenda-2
grans
svd-ledarredaktionen