Sharing our knowledge
Knowledge center
Microsoft Defender for Endpoint Internals 0x05 — Telemetry for sensitive actions
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Leg ups: helping hand or red team failure?
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
The missing verclsid.exe documentation
FalconFriday — Catching more macros—0xFF0A
FalconFriday — Teams RCE & FireEye tools— 0xFF09
FalconFriday — RPC service creation & SharpRDP — 0xFF08
FalconFriday —Parent-child relationships & impersonation with RunAs— 0xFF07
FalconFriday — DLL hijacking & suspicious unsigned files 0xFF06
FalconFriday — DCOM & SCM Lateral Movement — 0xFF05
FalconFriday — Evasive LOLBINs and burning the CACTUSTORCH — 0xFF04
The curious case of Realtek and LSASS
Together. Secure. Today.
Stay in the loop and sign up to our newsletter
FalconForce realizes ambitions by working closely with its customers in a methodical manner, improving their security in the digital domain.
Energieweg 3
3542 DZ Utrecht
The Netherlands
FalconForce B.V.
[email protected]
(+31) 85 044 93 34
KVK 76682307
BTW NL860745314B01