-
Greetings:
I am attempting to spin up Iris using our AD PKI created certs. Per the instructions, I need only place the cert.pem and key.pem in the certificates/web_certificates folder and then ref…
-
### The title of the playbook
URL remediation
### Purpose of the playbook
This playbook uses a domain as input information from the analysts. It queries the domain reputation feeds, verifies with U…
-
Can academia prepare students for a career in forensics? Are they trying? Are they failing? How can it be addressed? If they are succeeding, how?
-
**Is your feature request related to a problem? Please describe.**
We would like to develop a plugin which informs a REST API of all the modifications on the cases (see https://github.com/airbus-cybe…
-
From Phill Moore (@randomaccess3):
```powershell
$url = "https://dot.net/v1/dotnet-install.ps1"
$output = "$PSScriptRoot\dotnet-install.ps1"
Set-location $PSScriptRoot
$wc = New-Object System…
-
# Universally Unique Identifier for PIDS and child PIDS
Hello, hopefully I can dictate my issue I'm running into with Auditd.
If there is a solution to this that I'm not aware of, I'd be very inte…
-
Hi Jan,
Sometimes I face an error with this hive "usrclass.dat" and I tried to trouble shoot it but I couldn't spot the actual error.
Here is the printout error of the terminal once executed:
…
-
When discussing the role of the Brimcap plugin as part of #2785, I thought about how the plugin system was first introduced in #1573 to handle pcaps but hasn't yet been used for other data sources. Gi…
-
## The context
We need to be on the same page to discuss the problem and solution of Incident Response (IR) and Threat Detection (TD) connection. Here is some information that will provide you with…
-
As discussed internally, it would be great to add a Timebox to **_Windows.Hayabusa.Rules_** and **_Windows.Registry.Hunter_** to pre cut out noisy output when running all rule level/status across in s…