/SecurityResearcher-Note

Cover various security approaches to attack techniques and also provides new discoveries about security breaches.

image

Welcome to @SecurityResearcher-Note

In this repository, I will cover various security approaches to attack techniques and share new discoveries about security breaches. Through the new discoveries and learnings shared in this repository, I hope to provide helpful insights for those involved in security operations, hunting, incident response, and more.

  1. Security Research-Note
  2. Product Research-Note

Security Research-Note

Day Title Comment
Day1 Day1-Basic-Malware-Analysis.md
Day2 Day2-APT29-Part1-Overview.md
Day2-APT29-Part2-Midnight-Blizzard.md
Day2-APT29-Part3-Midnight-Blizzard.md
Day2-APT29-Part4-Midnight-Blizzard-MDE-EvaluationLab.md
Russia-based activity group
Day3 Day3-Microsoft-ThreatActorNamingTaxonomy.md
Day4 Day4-Mango-Sandstorm-Part1-Overview.md
Day4-Mango-Sandstorm-Part2-AttackTechniques-Insights.md
Day4-Mango-Sandstorm-Part3-AttackTechniques-Insights.md
Iran-based activity group
Day5 Day5-AntivirusConfig-Tips.md EPP
Day6 Day6-M365D-XDR-AutomaticAttackDisruption.md AiTM, BEC,
Human-operated ransomware
Day7 Day7-AiTM-Insights-XDR.md AiTM, BEC
Day8 Day8-WebShell-Insights-XDR.md Web shell
Day9 Day9-XDR-Insights-part1.md XDR
Day10 Day10-XDR-Insights-part2.md XDR
Day11 Day11-MalwareAnalysis-Insights-part1.md
Day11-MalwareAnalysis-Insights-part2.md
Malware Analysis
EDR, XDR
Day12 Day12-Volt-Typhoon-Base64.md
Day12-Volt-Typhoon-Base64.pdf - <PDF>
China-based activity group
Base64, Credential dumping
Day13 Day13-WDigest-credential-harvesting-attack.md WDigest, Mimikatz
Day14 Day14-macOS-SIP-Bypass-Insights.md SIP Bypass
macOS vulnerability

Product Research-Note

Day Title Comment
Day1 Day01-MDE-MDI-BetterTogether-Part1.md Reconnaissance, SAMR
Day2 Day02-MDE-MDI-BetterTogether-Part2.md Reconnaissance, SMB, LDAP
Day3 [MDO File Detonation & Deep Analysis] SOON !!

Security Experience-Note

TBD

Other

Microsoft Security Blog

Event Speaker

image

Disclaimer

The views and opinions expressed herein are those of the author and do not necessarily reflect the views of company.