Sharing our knowledge
Knowledge center
Detection engineering rabbit holes - parsing ASN.1 packets in KQL
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Azure DevOops 0x01 – It is not my machines, it is your code!
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...

FalconFriday — EzETW — Got To Catch Them All…

FalconFriday — Detecting realistic AWS cloud-attacks using Azure Sentinel — 0xFF1C
FalconFriday — Suspicious named pipe events — 0xFF1B

FalconFriday —Monitoring for public shares — 0xFF1A

FalconFriday — Code execution through Microsoft SQL Server and Oracle Database — 0xFF19

BOF2shellcode — a tutorial converting a stand-alone BOF loader into shellcode

Sysmon vs Microsoft Defender for Endpoint, MDE Internals 0x01

FalconFriday — Stealing and detecting Azure PRT cookies — 0xFF18

FalconFriday — Detecting ASR Bypasses — 0xFF17
No results found.
Together. Secure. Today.
Stay in the loop and sign up to our newsletter

FalconForce realizes ambitions by working closely with its customers in a methodical manner, improving their security in the digital domain.
Energieweg 3
3542 DZ Utrecht
The Netherlands
FalconForce B.V.
[email protected]
(+31) 85 044 93 34
KVK 76682307
BTW NL860745314B01