DFIR vs EDR vs Malware Analysis vs Cyber Crime vs Legally Admissible Digital Forensics vs Law Enforcement (Don’t get it twisted.)

Cyber security can become very convoluted because these disciplines look similar, but the nuances make big differences. A lot of people talk about the terms above as if they all cover the same use cases. I am going to detail the differences between these use cases, even though the technical skill level involved is the same.

Write Blocker

Bypass Evade AV/EDR / Remoting

Red Team Tools

  • Nuclei Templates
  • Identifies an attempt to coerce a local NTLM authentication via HTTP using the Print Spooler service as a target. An adversary may use this primitive in combination with other techniques to elevate privileges on a compromised system. (PetitPotam coerces the same authentication over MS-EFSRPC rather than the spooler; NTLMRelay2Self chains such a coercion into a relay back to the host itself for local privilege escalation.)
    • https://github.com/topotam/PetitPotam
    • https://github.com/med0x2e/NTLMRelay2Self
  • The Curious Case Of Mavinject.Exe
    • https://fourcore.io/blogs/mavinject-curious-process-injection?fbclid=IwAR1JrmFp5otKS-jx1UidsjPBvL6zoAKKiWY7PThZlBdvNCM-mLuoPNp8bSU
    • https://www.linkedin.com/posts/soumyadeep-bas_this-week-i-read-an-awesome-analysis-of-a-activity-6929052791399137280-LrLV?utm_source=linkedin_share&utm_medium=member_desktop_web
  • Potato
    • https://github.com/S3cur3Th1sSh1t/MultiPotato
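Since two of the entries above (the local NTLM-over-HTTP coercion and Mavinject.exe) are things a blue team has to spot rather than just run, here is a small detection pass over process-creation events. This is an added example written for this page; it is not code from PetitPotam, NTLMRelay2Self, the Mavinject write-up, or any vendor rule set. The event shape (`ProcEvent`), the sample lines, and the monitored hostname `WS01` are constructed for the example. Rule 1 keys on what the coercion looks like on the victim: the WebClient service spawning `rundll32.exe ... davclnt.dll,DavSetCookie` with a loopback or own-hostname target, which is the reflect-to-self condition the quoted description is about. Rule 2 keys on `mavinject.exe <pid> /INJECTRUNNING <dll>`, the signed-binary DLL injection the Mavinject article discusses.

```python
"""Added detection example: flag a local NTLM relay over HTTP (WebDAV) and
mavinject.exe /INJECTRUNNING in constructed process-creation events."""
import re
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class ProcEvent:
    image: str    # full path of the created process
    cmdline: str  # its command line
    parent: str   # parent process image


# Targets that send the coerced authentication straight back to the same host.
LOCAL_TARGET = re.compile(
    r"(?i)\b(localhost|127\.0\.0\.1|ip6-localhost|ip6-loopback|169\.254\.169\.254)\b"
)


def is_local_ntlm_relay_http(ev: ProcEvent, local_hostname: str) -> bool:
    """WebClient (rundll32 davclnt.dll,DavSetCookie) reaching this machine itself.

    A DavSetCookie call to a remote file server is normal WebDAV traffic; the
    suspicious case is a loopback address or the box's own hostname as target.
    """
    if not ev.image.lower().endswith("\\rundll32.exe"):
        return False
    if "davclnt.dll,davsetcookie" not in ev.cmdline.lower():
        return False
    own_name = re.compile(r"(?i)\b" + re.escape(local_hostname) + r"\b")
    return bool(LOCAL_TARGET.search(ev.cmdline) or own_name.search(ev.cmdline))


def is_mavinject_injection(ev: ProcEvent) -> bool:
    """mavinject.exe <pid> /INJECTRUNNING <dll>: Microsoft-signed binary loading a DLL into a live process."""
    if not ev.image.lower().endswith("\\mavinject.exe"):
        return False
    return re.search(r"(?i)/injectrunning\b", ev.cmdline) is not None


def run_rules(events: Iterable[ProcEvent], local_hostname: str) -> List[Tuple[str, ProcEvent]]:
    """Apply every rule to every event; return (rule name, event) for each hit."""
    rules: Dict[str, Callable[[ProcEvent], bool]] = {
        "local_ntlm_relay_http": lambda e: is_local_ntlm_relay_http(e, local_hostname),
        "mavinject_injectrunning": is_mavinject_injection,
    }
    findings: List[Tuple[str, ProcEvent]] = []
    for ev in events:
        for name, check in rules.items():
            if check(ev):
                findings.append((name, ev))
    return findings


# Constructed sample events (not real telemetry); monitored host is assumed to be WS01.
SAMPLE_EVENTS = [
    ProcEvent(r"C:\Windows\System32\rundll32.exe",
              r"rundll32.exe C:\Windows\System32\davclnt.dll,DavSetCookie localhost@80 http://localhost/x",
              r"C:\Windows\System32\svchost.exe"),            # relay to loopback: hit
    ProcEvent(r"C:\Windows\System32\rundll32.exe",
              r"rundll32.exe C:\Windows\System32\davclnt.dll,DavSetCookie fileserver01@80 http://fileserver01/share",
              r"C:\Windows\System32\svchost.exe"),            # ordinary WebDAV share: benign
    ProcEvent(r"C:\Windows\System32\rundll32.exe",
              r"rundll32.exe C:\Windows\System32\davclnt.dll,DavSetCookie WS01@80 http://WS01/x",
              r"C:\Windows\System32\svchost.exe"),            # relay to own hostname: hit
    ProcEvent(r"C:\Windows\System32\mavinject.exe",
              r"mavinject.exe 4120 /INJECTRUNNING C:\Users\Public\payload.dll",
              r"C:\Windows\System32\cmd.exe"),                # DLL injection via LOLBin: hit
    ProcEvent(r"C:\Windows\System32\notepad.exe", "notepad.exe",
              r"C:\Windows\explorer.exe"),                    # noise: no hit
]

if __name__ == "__main__":
    for name, ev in run_rules(SAMPLE_EVENTS, "WS01"):
        print(f"[{name}] {ev.cmdline}")
```

Run as-is it reports three findings: the two self-targeted DavSetCookie events and the mavinject call, while the DavSetCookie call to `fileserver01` stays quiet. Feed it real process-creation events (Sysmon EID 1 or the equivalent from your EDR) by mapping their image, command line and parent fields onto `ProcEvent`, and pass the real hostname rather than `WS01`.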