Forum Discussion

Bronze I

2 months ago

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Hello! I could rather easily get the answers for the other questions, but Q6 has really taken me aback. The question is: A PowerShell script was executed to assist with further enumeration. What co...

defensive cyber

RobN

Bronze III

2 months ago

As far as I remember on these labs I searched for the powershell codes within elasticsearch and then looked at what it was passing alongside powershell.exe

Forum Discussion

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Related Content

APT29 Threat Hunting with Elasticsearch: Ep.5 – LNK File Analysis - Tools?

Zeek - Demonstrate Your Skills

Autopsy: Demonstrate Your Skills

FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs

PoshC2: Ep.6 – Demonstrate Your Skills

Recent Discussions

SOAR: Demonstrate Your Skills

Zeek Ep 4 Scripting

Measuring Cyber Resilience: What's the Key Metric?

Malware Analysis: Shlayer

Web Log Analysis: Ep.5 – Searching Web Server Logs using Linux CLI