GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
GitHub

registry_keys_used_for_persistence.yml

description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...
note

Visualizing the Shop Floor: In-House Production Management Board Built with Excel and Python Flask

This is a memo regarding a production management board I built for internal use. We are always running multiple projects simultaneously, not just the immediate ones, but also future ones with flexible ...