THM – Osquery
Osquery is an open-source tool created by Facebook. With Osquery, Security Analysts, Incident Responders, Threat Hunters, etc., can query an endpoint (or multiple endpoints) using SQL syntax. Osquery can be
Tag: Windows
THM – Sysmon
Sysmon is an add-on tool for Microsoft windows for logging. With Sysmon you will be able to see detect malicious activity by tracking code and network traffic. Below you will
THM – Windows Event Logs
Per Wikipedia “Event logs record events taking place in the execution of a system to provide an audit trail that can be used to understand the activity of the system and