Detecting SAM registry hive dumps using Elastic!
You guys know what time it is? IT’S GO TIME! Time to dive in and learn how to detect a red teamer trying to grab your local SAM hashes from the registry.
👋 Welcome to the site!
Quick links to popular content can be found below:
Messagebox Shellcode
UAC Bypass Techniques
Create your own Netcat using Python
Quick links to popular content can be found below:
Messagebox Shellcode
UAC Bypass Techniques
Create your own Netcat using Python
Recent posts
Sending Sysmon Logs to Elastic ELK stack
Let’s pickup where we left off. If you haven’t done so already, please do check out the previous writeup on how to setup Elastic Stack, Logstash, and Kibana...
Installing Elastic Stack (ELK) from Scratch
Hey there red team….I mean BLUE TEAM cadet 😅 I don’t just focus on red team stuff you know…and it’s been long overdue that I do a writeup on not just red t...
ElevationStation - A walk through the development process [Finale/Wrapping things up]
Hello again cyber amigos! It’s time to draw our talk of ElevationStation to a close, well…at least this portion of Elevation Station. Stay tuned in the nea...
ElevationStation - A walk through the development process [PART 3]
Hey, we made it to part 3 already! Glad you are still hanging around and hopefully this part is as insightful and exciting to you as it was for me…er…I get ...