Tagged in

Purple Team

FalconForce

A team of highly specialized security professionals

More information

Followers

689

Elsewhere

More, on Medium

Purple Team

Jos van der Peet in FalconForce

Nov 26, 2021

FalconFriday — Code execution through Microsoft SQL Server and Oracle Database — 0xFF19

Henri Hambartsumyan in FalconForce

Oct 1, 2021

FalconFriday — Certified Pre-Owned— 0xFF12

On June 17th Will and Lee over at SpecterOps have published their impressive and…

Henri Hambartsumyan in FalconForce

Apr 23, 2021

FalconFriday — Password Spraying with(out) MDI— 0xFF10

1 response

Henri Hambartsumyan in FalconForce

Apr 9, 2021

FalconFriday — Process Injection revisited — 0xFF0F

Henri Hambartsumyan in FalconForce

Mar 12, 2021

FalconFriday — AV Manipulation — 0xFF0E

Today’s blog is based on Olaf Hartong’s recent research on malware behavior at scale. In this edition, we’ll look at how malware tampers with the local Windows Defender AV and how you can detect it.

Henri Hambartsumyan in FalconForce

Dec 18, 2020

FalconFriday — Catching more macros— 0xFF0A

In this year’s final FalconFriday we revisit the possibly most loved and hated…

Olaf Hartong in FalconForce

Nov 20, 2020

FalconFriday —Parent-child relationships & impersonation with RunAs— 0xFF07

FalconFriday — Code execution through Microsoft SQL Server and Oracle Database — 0xFF19

FalconFriday — Stealing and detecting Azure PRT cookies — 0xFF18

FalconFriday — Detecting ASR Bypasses — 0xFF17

FalconFriday — Detecting important data destruction by ransomware — 0xFF15

FalconFriday — Certified Pre-Owned— 0xFF12

FalconFriday — Password Spraying with(out) MDI— 0xFF10

FalconFriday — Process Injection revisited — 0xFF0F

FalconFriday — AV Manipulation — 0xFF0E

FalconFriday — Catching more macros— 0xFF0A

FalconFriday —Parent-child relationships & impersonation with RunAs— 0xFF07