Blog

Complete Guide to WMI Malware.

WMI Malware: The Complete Forensics Guide

February 20, 2025

How to Find WMI Consumers

How to Find WMI Consumers: Complete Guide for IT & Investigators

February 14, 2025

How to investigate malware WMI Event Consumers.

How to Investigate Malware WMI Event Consumers 2025

February 6, 2025

What is a jump list?

What Is a Jump List?

January 29, 2025

What is jump list cache?

What Is Jump List Cache?

January 23, 2025

Learn how to do jump lists forensics in 2025

Jump Lists Forensics 2025

January 14, 2025

Information Artifacts: Simplify DFIR Analysis

January 7, 2025

3.13 Adds MemProcFS and Extends the S3 and Recorded Future Sandbox Integrations

December 18, 2024

3.12 Adds Data Exfiltration Detection, USB Devices, and Easier Validation

October 1, 2024

DFIR Breakdown: Impacket Remote Execution Activity – Smbexec

September 20, 2024

DFIR Next Steps: What To Do After You Find A Suspicious Use Of Remote Monitoring & Management Tools

September 9, 2024

DFIR Breakdown: Impacket Remote Execution Activity – atexec

August 29, 2024