Published inPosts By SpecterOps Team MembersDetection Engineering using Apple’s Endpoint Security FrameworkReferencing the Funnel of Fidelity, this post will cover both collection and detection stages.Jan 30, 2020Jan 30, 2020
Published inPosts By SpecterOps Team MembersIntroducing Venator: A macOS tool for proactive detectionBackground & IntroductionApr 24, 2019Apr 24, 2019
Hunting for Bad Apples — Part 2In the previous post in this series, I introduced the use case of an attacker persisting via a LaunchAgent/Daemon, and a few osquery…Jul 20, 2018Jul 20, 2018
Published inPosts By SpecterOps Team MembersHunting for Bad Apples — Part 2In the previous post in this series, I introduced the use case of an attacker persisting via a LaunchAgent/Daemon, and a few osquery…Jul 20, 2018Jul 20, 2018
Published inPosts By SpecterOps Team MembersHunting for Bad Apples — Part 1How does one begin attempting to identify spoiled apples in a large bin full of apples? To start, you have accept that there may be at…Jun 25, 20181Jun 25, 20181
Hunting for Bad Apples — Part 1How does one begin attempting to identify spoiled apples in a large bin full of apples? To start, you have accept that there may be at…Jun 25, 2018Jun 25, 2018
CSAW CTF PreQuals 2015 — Recon Write UpRecently, I have become interested in the world of CTF’s (Capture The Flag) competitions. I’ve participated in, and have had some success…Sep 22, 2015Sep 22, 2015
SANS Network Forensics Challenge 2015 Write-upA while back, when I was new to Infosec, a colleague and friend of mine Stephen Reese pointed me in the direction of this book. That…May 7, 2015May 7, 2015
