Monday, April 23, 2018

SANS Blue Team Summit

Here is a copy of my SANS Blue Team Summit talk Threat Hunting via Windows Event Logs

Friday, September 22, 2017

DerbyCon 7: DeepBlueCLIv2 Talk and links

Here's a link to my DerbyCon 7 talk: Introducing DeepBlueCLI v2, Now Available in PowerShell and Python

Last year's talk: http://www.ericconrad.com/2016/09/deepbluecli-powershell-module-for-hunt.html

DeepBlueCLIv2

References:
  1. Deconstructing Petya: how it spreads and how to fight back, https://nakedsecurity.sophos.com/2017/06/28/deconstructing-petya-how-it-spreads-and-how-to-fight-back/
  2. Mandiant M-Trends 2015, https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf
  3. Command Line Kung Fu Episode #31: Remote Command Execution, http://blog.commandlinekungfu.com/2009/05/episode-31-remote-command-execution.html
  4. https://github.com/jaredhaight/PSAttack
  5. https://github.com/darkoperator/Posh-VirusTotal
  6. https://www.virustotal.com/en/documentation/public-api/
  7. http://blog.securityonion.net/2017/09/elastic-stack-alpha-release-and.html
  8. https://github.com/philhagen/sof-elk
  9. https://nxlog.co/products/nxlog-enterprise-edition
  10. https://github.com/williballenthin/python-evtx
  11. https://github.com/libyal/libevtx