Detecting Lateral Movement through Tracking Event Logs (Version 2) Logo

Detecting Lateral Movement through Tracking Event Logs (Version 2)

0
Free
Visit Website

This report is intended for incident investigation and explains what logs are recorded and what files are created upon execution of tools/commands that are often used in lateral movement. Updated Contents: This report is intended for incident investigation and explains what logs are recorded and what files are created upon execution of tools/commands that are often used in lateral movement. While the previous report mainly focused on investigation on event logs and registry entries, this updated report also covers other types of logs and files that are created during lateral movement. The report includes analysis results of various tools and commands that are likely used by attackers in lateral movement, and provides information on how to identify and analyze these tools and commands. The report is intended for incident responders, security analysts, and other professionals who are involved in incident response and incident investigation.

FEATURES

ALTERNATIVES

A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.

An automation platform with community support and documentation for easy development.

A Sysmon configuration file template with detailed explanations and tutorial-like features.

Open-source security automation platform for automating security alerts and building AI-assisted workflows.

Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.

Scripts to quickly fix security and compliance issues

AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.

Open-source abuse management toolkit for automating and improving the abuse handling process.