Threat Hunting Azure Hound Usage

Author: Steven Lim
Released: 9/7/2024

Detecting BYOVDLL Abuse

Author: Steven Lim
Released: 9/6/2024

MDE TVM EDR Sensor Update

Author: Alex Verboon
Released: 9/5/2024

M365 Copilot Plugins Inventory Analysis

Author: Steven Lim
Released: 9/5/2024

Entra Group Membership Report

Author: Bert-Jan Pals
Released: 9/4/2024

Unique Actions

Author: Bert-Jan Pals
Released: 9/3/2024

Soc Ghoulish

Author: Rod Trent
Released: 9/3/2024

Non Supported Agent Version Required For The Contain User Action By Attack Disruption

Author: Sergio Albea
Released: 9/3/2024

Monitor Privilege User SSPR

Author: Steven Lim
Released: 9/3/2024

Identifying Methods Used To Establish Secure Communication Over Insecure Channels

Author: Sergio Albea
Released: 9/1/2024

Detecting EDR Killing Tool

Author: Steven Lim
Released: 8/31/2024

Identify Endpoint Browser Extensions With Can Turnoff Malware Protections Permissions

Author: Michalis Michalos
Released: 8/29/2024

Communication At Risk Due To The Encryption Algorithms Ciphers In Use

Author: Sergio Albea
Released: 8/29/2024

Threat Hunting Microsoft Sway Quishing

Author: Steven Lim
Released: 8/28/2024

Nltest Discovery

Author: Bert-Jan Pals
Released: 8/27/2024

Threat Hunting BYOVD Scenarios

Author: Steven Lim
Released: 8/27/2024

Getsystemelevation C Smetasploit

Author: Ali Hussein
Released: 8/27/2024

Role Report

Author: Bert-Jan Pals
Released: 8/26/2024

Threat Hunting With MDE Device Discovery And Seen By Enrichment Function

Author: Steven Lim
Released: 8/26/2024

Adfind Detection

Author: Ali Hussein
Released: 8/26/2024

Group Membership Report

Author: Bert-Jan Pals
Released: 8/25/2024

Peaklightinfection

Author: Ali Hussein
Released: 8/25/2024

Enriching CVE Tables With CVE Mitre Data

Author: Sergio Albea
Released: 8/25/2024

H

Author: Steven Lim
Released: 8/25/2024

How Many Crowdstrike Clients Running On Microsoft Azure Globally

Author: Steven Lim
Released: 8/25/2024

Use Exposure Management To Identify Local Ntlm Hashes From Sensitive Users

Author: Michalis Michalos
Released: 8/23/2024

Use Exposure Management To Chart User Groups With Local Admin Privileges

Author: Michalis Michalos
Released: 8/23/2024

CVE 2024 7971 Patch Prioritization

Author: Steven Lim
Released: 8/22/2024

Email Bad Reputation ASN Activities

Author: Sergio Albea
Released: 8/22/2024

Infrastructure Vulnerability Exposure To Volt Typhoon

Author: Steven Lim
Released: 8/22/2024

Entra ID Administrative Role AD Sync

Author: Steven Lim
Released: 8/21/2024

MDE Remote Image Loads

Author: Bert-Jan Pals
Released: 8/20/2024

One Drive Sync From Rare IP

Author: Bert-Jan Pals
Released: 8/20/2024

KQL To Check Privilege Admin Failing Microsoft CA MFA Enforcement

Author: Steven Lim
Released: 8/20/2024

Detect Potential DLL Hijacking Cases

Author: Sergio Albea
Released: 8/20/2024

Classifying HTTP Status Code And Detecting Possible Threats

Author: Sergio Albea
Released: 8/16/2024

Use Cases By MITRE

Author: Rod Trent
Released: 8/16/2024

Sentinel Analytics Rule For Copilot Studio Bot Creation Detection

Author: Steven Lim
Released: 8/16/2024

Detecting Copilot Studio Bot Creation

Author: Steven Lim
Released: 8/16/2024

CVE 2024 38063 CVSS 98 Prioritization

Author: Steven Lim
Released: 8/14/2024

MFA Suspicious

Author: Ali Hussein
Released: 8/14/2024

CVE 2024 38200 NTLM Exposure Detection

Author: Steven Lim
Released: 8/13/2024

Potential False Positives Related To Anomalous Token Alerts

Author: Sergio Albea
Released: 8/13/2024

Sentinel UEBA Privilege Escalation Detection

Author: Steven Lim
Released: 8/13/2024

Detect Power Pwn Aka LOL Copilot Red Team Tool

Author: Steven Lim
Released: 8/12/2024

Detect Spear Phishing Using Copilot For Microsoft 365

Author: Steven Lim
Released: 8/11/2024

Exposure Management Cloud Or On Prem VDI Platform Blast Radius

Author: Steven Lim
Released: 8/10/2024

Detect Microsoft Graph API Abuse

Author: Steven Lim
Released: 8/10/2024

Summary Of First Party Service Principals Without Tenant Specific Data

Author: Thomas Naunheim
Released: 8/9/2024

Summary Of First Party Service Principals

Author: Thomas Naunheim
Released: 8/9/2024