Tag: powershell
-
Log4J – CrowdStrike RTR Script
Vendors are offering tools left and right since the Log4J fun ruined most peoples Christmas break. Amongst these Vendors is CrowdStrike……
-
CrowdStrike – On-Demand Scan v1
One of the downsides to CrowdStrike is no on-demand scanning. On one hand you can see why, on the other, you have use cases that need it…..
-
CS-MalQuery – Part 2
Github:https://github.com/securethelogs/Powershell/blob/master/CrowdStrike/CS-MalQuery.ps1 Since writing part 1 (Here), I’ve been looking into how to expand on the script. I had a thought… if I’m a user and have gotten to the point I’m running this script, I may need more information than if it’s just there. This made me add the Hybrid-Analysis API and Actors API from…
-
CrowdStrike – MalQuery API
Github: https://github.com/securethelogs/Powershell/blob/master/CrowdStrike/CS-MalQuery.ps1 The MalQuery API from CrowdStrike helps their customers validate if the protection is there for a certain IOCs. Nowadays, we are bombarded with IOCs and because there are so many, for some, skimming through and extracting what they can block is more efficient than reading them all. Sometimes it’s good to see the…
-
Bad Logic App – C2 Simulation
simulation. Running attack simulations internally is very important to build/improve security posture. C2 servers are very common in the wild so…
amoran.io 