登录查看更多内容

EDR: Master Function-Hooking DLLs (Part2)

Cynor Sense

Experience Safety

发布日期: 2023年5月23日

Discover how to leverage Velociraptor and Windows Defender to identify and remediate malicious process activities using Function-Hooking DLLs. Uncover 7 essential checks with corresponding VQL queries and settings to enhance your security posture.

Uncover Hidden Threats with Function-Hooking DLLs: 7 Essential Process Activity Checks.

Let's discuss important sub topics under function hooking dll's.

Process Activity
Process Creation
Process Termination
Process Access
Image/Library Loaded
Remote Thread Creation
Process Tampering Activity

Get More here

Cynor Sense : Guide

600 位关注者

ARUN R M

CISO | CRISC | ECIH | CYBERLAW | AI (NO CODE LOW CODE) AUTOMATIONS

1 年

https://www.cynorsense.com/post/function-hooking-dlls-velociraptor-windows-defender

要查看或添加评论，请登录

Cynor Sense的更多文章

2023年5月21日

EDR : Architecture & Solutions (Part1)

We don't want to bore you with importance of EDR and what it is as we presume you have gone through number of articles…
2023年2月8日

#DFIR: DIGITAL FORENSICS INCIDENT RESPONSE

Quick steps to DFIR: Capture 'C' drive triage and memory of entire windows system using below commands packed in the…
2023年1月12日

Attack Surface Reduction #ASR

Cybersecurity is a constantly evolving field, with new threats emerging on a regular basis. Two important concepts in…
2022年12月25日

ATTACK SURFACE REDUCTION FROM WINDOWS

These are various types of security vulnerabilities that can potentially exist in a computer system. Hope SmartApp…
2022年10月20日

Cyber Risk - Financial Impact

Every single 39 seconds, a new attack happens in this world. Hackers target the easiest targets and look get the most…
2022年10月12日

CIS Hardening Automation SaltStack

Foreman + SaltStack + VMware/OpenStack/Xen Automation of CIS benchmarks ad fixing the VM for production. Installation…
2022年8月19日

Attack surface of your product.

Quick look through the eyes of hacker in to your product. https://dnsdumpster.
2022年6月29日

WP.29 CSMS and SUMS R155 and R156 regulations and the ISO/SAE 21434 standard

UNECE WP.29 & ISO/SAE 21434 - New Automotive Cybersecurity Standards The ISO/SAE Joint Working Group on…
2022年3月29日

TTP; "Tactics, Techniques, and Procedures"

TTP; "Tactics, Techniques, and Procedures" We offer the following diagram which explains how we see the placement of…
2021年10月5日

Pentesters Paradise

List of useful resources for pentesters and hackers We present to your attention a list of useful resources, thanks to…

See all articles

社区洞察

Programming

How can you write secure code that resists buffer overflow attacks?
Information Security

What is a zero-day vulnerability and how can you protect against it?
Reverse Engineering

What are the common vulnerabilities and risks of firmware updates?
Information Security

How do you keep up with the latest trends and developments in memory forensics?
Secure Shell (SSH)

How do you choose a strong passphrase for your SSH key?
Cybersecurity

How do you test your network's vulnerability?
Computer Forensics

What are the best tools and techniques for process injection analysis?
Cybersecurity

What are the best ways to detect kernel-level rootkits with Volatility?
Security Awareness

How can you avoid common myths about denial-of-service attacks?
Network Security

How can you identify advanced persistent threats (APTs) using TCP header analysis?

其他会员也浏览了

Security Initiatives ebook + this week's Threat Intel [inside]

SecurIT360 4 个月
Kubernetes Backup Tools

Trilio 9 个月
Uncovered LOLBAS:)

Yasin G?khan TA?KIN 2 个月
You should test your defences on a CONTINUOUS basis and not just quarterly

Annette Hieber 4 个月
BHIS Webcast -- Implementing Sysmon & Applocker

John Strand 5 年
Stealthy 'sedexp' Linux malware

Piotr Klepuszewski 6 个月
BOTNETS EXPLAINED: ZOMBIE COMPUTERS?

Dwaine "Rob" Roberts 5 年
Awesome Report about widespread Threat and techniques of attacker now 2020-2021

flavio critelli 3 年
what is a computer virus?

Silas Kinyi 1 年
New DFIR Project - Enjoy!

Mary Ellen Kennel 4 年

Get More here

Cynor Sense : Guide

600 位关注者

Cynor Sense的更多文章

EDR : Architecture & Solutions (Part1)

#DFIR: DIGITAL FORENSICS INCIDENT RESPONSE

Attack Surface Reduction #ASR

ATTACK SURFACE REDUCTION FROM WINDOWS

Cyber Risk - Financial Impact

CIS Hardening Automation SaltStack

Attack surface of your product.

WP.29 CSMS and SUMS R155 and R156 regulations and the ISO/SAE 21434 standard

TTP; "Tactics, Techniques, and Procedures"

Pentesters Paradise

社区洞察

其他会员也浏览了

Security Initiatives ebook + this week's Threat Intel [inside]

Kubernetes Backup Tools

Uncovered LOLBAS:)

You should test your defences on a CONTINUOUS basis and not just quarterly

BHIS Webcast -- Implementing Sysmon & Applocker

Stealthy 'sedexp' Linux malware

BOTNETS EXPLAINED: ZOMBIE COMPUTERS?

Awesome Report about widespread Threat and techniques of attacker now 2020-2021

what is a computer virus?

New DFIR Project - Enjoy!