HellsBells, Let's Hunt PowerShells!
Learn some methods for hunting and detecting PowerShells no matter the "methodology"
101 things the mainstream media doesn’t want you to know about PowerShell logging*
Go beyond the powerpoint and learn to detect maliciousness on PowerShell by using Splunk.
Spotting the Adversary… with Splunk
Wondering how to find the baddies in huge volumes of data? Work with Splunk & Windows event Log Monitoring – refer to table of event codes in NSA paper.
Detecting dynamic DNS domains in Splunk
While useful legitimately, hackers can use dynamic DNS domains to change IP address rapidly & exploit via malware-evil.duckdns[.]org; how to protect against?
