Behavioral task
behavioral1
Sample
9d0351a5e6f5beb4d8e1c7ab5a08dc43916da8a76128487d52345dbfe20115d4.pdf
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral2
Sample
9d0351a5e6f5beb4d8e1c7ab5a08dc43916da8a76128487d52345dbfe20115d4.pdf
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
9d0351a5e6f5beb4d8e1c7ab5a08dc43916da8a76128487d52345dbfe20115d4
-
Size
10.4MB
-
MD5
3b96a2e89a8a53ba7bcb5df95cf1738b
-
SHA1
311d4ed9c41f0c7ea4d22ef3e426e827dff9053b
-
SHA256
9d0351a5e6f5beb4d8e1c7ab5a08dc43916da8a76128487d52345dbfe20115d4
-
SHA512
8210cc8228fc467977f0f6969b87401fee05cf640bf371ee0cb315291c479516d42281ade27d7be64da23b430bf792b7ce87e135779deebade5bfab8977b0c3e
-
SSDEEP
196608:XVrb5vf+2q08aGRuFk4G8v9sOIP0TOXHib/tZoFmzav:zdqICuCmlgFmW
Malware Config
Signatures
Files
-
9d0351a5e6f5beb4d8e1c7ab5a08dc43916da8a76128487d52345dbfe20115d4.pdf
-
https://gitlab.com/kalilinux/documentation/kali-purple
-
https://blueteamlabs.online/
-
https://letsdefend.io/
-
https://github.com/SoC-Lab/FailsafeECU
-
https://github.com/StevenD33/Lab-DFIR-SOC
-
https://github.com/snir-k/Virtual-SOC-Lab
-
https://github.com/cyb3rxp/awesome-soc
-
https://www.youtube.com/watch?v=iYjfY0WfPCs&ab_channel=SophosMSPGlobal
-
https://logrhythm.com/blog/7-steps-to-build-your-security-operations-center/
-
https://gbhackers.com/how-to-build-and-run-a-security-operations-center/
-
https://www.securitymagazine.com/articles/98722-building-a-security-operations-center-soc-on-a-budget
-
https://blog.rsisecurity.com/how-to-build-a-security-operations-center/
-
https://drive.google.com/file/d/1MM5Y5PBr2RM7rUET5MdGH29952MivPwc/view?usp=sharing
-
https://github.com/LetsDefend/SOC-Interview-Questions
-
https://github.com/xaphody/SOC-Analyst-Tool
-
https://github.com/Technawi/SOC-Analyst-Diploma/tree/main/Network%20Security%20(CND)
-
https://www.udemy.com/course/soc-analyst-cyber-security-training-with-siem-solution/
-
https://www.cybrary.it/catalog/career-path/soc-analyst-level-1/
-
https://www.youtube.com/watch?v=qcK348DAqSo&ab_channel=SIEMXPERT
-
https://github.com/DoGByTe-ZN/infosec-resources4all
-
https://socradar.io/top-cyber-attacks-to-cryptocurrency-exchanges-and-blockchain-companies-in-2021/
-
https://socradar.io/10-best-dark-deep-web-browsers-for-anonymity/
-
https://socradar.io/defending-against-persistent-threats/
-
https://decoded.avast.io/danielbenes/crackonosh-a-new-malware-distributed-in-cracked-software/
-
https://www.enisa.europa.eu/publications/info-notes/cryptojacking-cryptomining-in-the-browser
-
https://socradar.io/what-are-botnets-digital-zombie-herds/
-
https://socradar.io/suites/digital-risk-protection/phishing-detection-and-mitigation/
-
https://socradar.io/what-do-you-know-about-the-log4j-critical-vulnerability-and-what-can-we-do/
-
https://socradar.io/what-is-cryptocurrency-mining-malware/
-
https://otx.alienvault.com/pulse/5c437e066b31ef12eb67bc2b
-
https://jenkins.io/index.html
-
https://research.checkpoint.com/jenkins-miner-one-biggest-mining-operations-ever-discovered/
-
https://jenkins.io/press/
-
https://blog.checkpoint.com/2018/02/15/crypto-miners-now-target-jenkins-servers/
-
https://jenkins.io/security/advisory/2017-04-26/
-
https://www.csoonline.com/article/3256314/hackers-exploit-jenkins-servers-make-3-million-by-mining-monero.html
-
http://www.codeproject.com/Articles/36907/How-to-develop-your-own-Boot-Loader#_Toc231383168
-
https://en.wikipedia.org/wiki/Master_boot_record
-
http://searchwindowsserver.techtarget.com/definition/master-file-table
-
https://www.virustotal.com/en/file/019a6fda29af707476b2c58e5b6bbf306e8c248671c8f4dc7424e474018376a1/analysis/
-
https://www.virustotal.com/en/file/26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739/analysis/
-
https://virustotal.com/en/file/542a38bf52afa6a4a008089a6fbf22c9d68ef5d6c634dd2c0773d859a8ae2bbf/analysis/
-
https://www.virustotal.com/en/file/0c8b0d0d099721bde8b26f699bf577adf4fea7e50a755833fbb75d8489596010/analysis/
-
https://www.virustotal.com/en/file/4c1dc737915d76b7ce579abddaba74ead6fdb5b519a1ea45308b8c49b950655c/analysis/
-
https://twitter.com/Cyb3rOps
-
https://twitter.com/PetrBenes
-
https://twitter.com/hasherezade/status/715153359154593792
-
https://en.wikipedia.org/wiki/User_Account_Control
-
https://en.wikipedia.org/wiki/CHKDSK
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/petya_exe-1.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/uac_popup.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/1.png
-
https://en.wikipedia.org/wiki/Blue_Screen_of_Death
-
https://hshrzd.wordpress.com/2016/03/31/petya-key-decoder/
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/2.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/3.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/before_reboot.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/destroyed_filesystem.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/infected_disk_fragment.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/page_main.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/guide.png
-
https://www.malwarebytes.com/blog/threat-analysis/2015/12/malware-crypters-the-deceptive-first-layer/
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/news.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/petya_payload_mem.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/petya_payload_mem2.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/setup_dll.png
-
https://msdn.microsoft.com/pl-pl/library/windows/desktop/aa379942%28v=vs.85%29.aspx
-
https://msdn.microsoft.com/pl-pl/library/windows/desktop/aa363216%28v=vs.85%29.aspx
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/gen_random.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/generated_random.png
-
http://undocumented.ntinternals.net/index.html?page=UserMode%2FUndocumented%20Functions%2FError%2FNtRaiseHardError.html
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/device_io_control.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/physical_drive_create2.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/raise_error.png
-
https://www.virustotal.com/en/file/494dc5755e5b70ccead8074d00cafdb2d16a0f9cf4987446e0f6db209913d816/analysis/1459042011/
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/infected.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/petya_string.png
-
https://github.com/alexwebr/salsa20
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/copy_sectors.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/jump_next-1.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/to_fake_chkdsk-1.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/04/flow_to_salsa.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/04/check_key.png
-
https://en.wikipedia.org/wiki/User_space
-
http://bochs.sourceforge.net/doc/docbook/user/internal-debugger.html
-
https://gist.github.com/hasherezade/5c283e80785395fcb4ae
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/processed_password.png
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/decrypting_petya.png
-
http://blog.checkpoint.com/2016/04/11/decrypting-the-petya-ransomware/
-
https://www.malwarebytes.com/blog/news/2016/04/petya-ransomware
-
https://www.malwarebytes.com/blog/images/uploads/2016/03/petya_last-1.png
-
https://attack.mitre.org/
-
https://attack.mitre.org/matrices/enterprise/pre/
-
https://attack.mitre.org/matrices/enterprise/
-
https://attack.mitre.org/matrices/mobile/
-
https://pages.nist.gov/mobile-threat-catalogue/
-
https://collaborate.mitre.org/attackics/index.php/Main_Page
-
https://cltc.berkeley.edu/wp-content/uploads/2020/10/MITRE_ATTCK_Framework_Report.pdf
-
https://us-cert.cisa.gov/sites/default/files/publications/Best%20Practices%20for%20MITRE%20ATTCK%20Mapping.pdf
-
https://www.vmware.com/vmworld/en/video-library/video-landing.html?sessionid=1623372911963001PDAq
-
https://learn.microsoft.com/en-us/windows/win32/procthread/fibers
-
https://learn.microsoft.com/en-us/windows/win32/procthread/what-s-new-in-processes-and-threads
-
https://learn.microsoft.com/en-us/windows/win32/procthread/about-processes-and-threads
-
https://learn.microsoft.com/en-us/windows/win32/procthread/using-processes-and-threads
-
https://learn.microsoft.com/en-us/windows/win32/procthread/process-and-thread-reference
-
https://learn.microsoft.com/en-us/windows/win32/procthread/processes-and-threads
-
https://eforensicsmag.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-by-kirtar-oza/
-
https://eforensicsmag.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-part-2-ldrmodules-by-kirtar-oza/
-
https://eforensicsmag.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-part-3-journey-in-to-the-psloadedmodulelist-loaded-kernel-modules-by-kirtar-oza/
-
https://eforensicsmag.com/85384-2/
-
https://medium.com/@ashabdalhalim/a-light-on-windows-10s-object-header-typeindex-value-e8f907e7073a
-
https://www.linkedin.com/in/ashabdalhalim/
-
https://twitter.com/AshAbdalhalim
-
https://imphash.medium.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-part-5-a-2368187685e
-
https://learn.microsoft.com/en-us/powershell/scripting/overview
-
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/cscript
-
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/wscript
-
https://learn.microsoft.com/en-us/windows/win32/debug/system-error-codes
-
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-xp/bb490982(v=technet.10)
-
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/windows-commands
-
https://www.geeksforgeeks.org/vbscript-introduction/
-
https://learn.microsoft.com/en-us/windows/win32/lwef/using-vbscript
-
https://learn.microsoft.com/en-us/windows/win32/eventlog/about-event-logging
-
https://learn.microsoft.com/en-us/windows/win32/eventlog/using-event-logging
-
https://learn.microsoft.com/en-us/windows/win32/eventlog/event-logging-reference
-
https://learn.microsoft.com/en-us/windows/win32/eventlog/event-types
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1100
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1101
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1102
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1104
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1105
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=1108
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4608
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4609
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4610
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4611
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4612
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4614
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4615
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4616
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4618
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4621
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4622
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4624
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4625
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4626
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4627
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4634
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4646
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4647
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4648
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4649
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4650
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4651
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4652
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4653
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4654
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4655
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4656
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4657
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4658
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4659
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4660
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4661
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4662
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4663
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4664
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4665
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4666
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4667
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4668
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4670
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4671
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4672
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4673
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4674
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4675
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4688
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4689
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4690
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4691
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4692
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4693
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4694
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4695
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4696
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4697
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4698
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4699
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4700
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4701
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4702
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4703
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4704
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4705
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4706
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4707
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4709
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4710
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4711
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4712
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4713
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4714
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4715
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4716
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4717
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4718
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4719
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4720
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4722
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4723
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4724
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4725
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4726
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4727
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4728
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4729
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4730
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4731
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4732
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4733
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4734
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4735
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4737
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4738
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4739
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4740
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4741
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4742
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4743
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4744
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4745
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4746
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4747
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4748
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4749
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4750
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4751
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4752
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4753
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4754
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4755
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4756
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4757
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4758
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4759
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4760
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4761
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4762
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4763
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4764
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4765
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4766
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4767
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4768
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4769
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4770
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4771
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4772
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4773
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4774
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4775
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4776
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4777
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4778
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4779
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4780
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4781
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4782
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4783
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4784
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4785
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4786
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4787
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4788
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4789
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4790
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4791
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4792
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4793
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4794
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4797
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4798
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4799
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4800
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4801
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4802
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4803
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4816
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4817
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4818
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4819
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4820
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4821
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4822
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4823
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4824
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4825
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4826
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4830
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4864
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4865
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4866
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4867
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4868
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4869
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4870
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4871
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4872
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4873
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4874
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4875
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4876
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4877
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4878
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4879
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4880
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4881
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4882
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4883
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4884
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4885
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4886
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4887
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4888
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4889
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4890
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4891
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4892
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4893
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4894
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4895
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4896
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4897
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4898
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4899
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4900
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4902
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4904
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4905
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4906
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4907
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4908
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4909
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4910
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4911
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4912
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4913
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4928
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4929
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4930
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4931
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4932
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4933
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4934
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4935
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4936
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4937
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4944
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4945
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4946
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4947
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4948
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4949
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4950
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4951
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4952
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4953
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4954
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4956
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4957
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4958
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4960
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4961
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4962
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4963
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4964
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4965
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4976
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4977
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4978
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4979
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4980
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4981
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4982
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4983
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4984
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4985
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5024
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5025
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5027
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5028
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5029
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5030
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5031
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5032
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5033
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5034
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5035
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5037
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5038
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5039
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5040
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5041
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5042
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5043
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5044
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5045
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5046
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5047
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5048
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5049
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5050
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5051
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5056
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5057
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5058
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5059
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5060
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5061
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5062
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5063
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5064
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5065
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5066
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5067
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5068
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5069
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5070
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5071
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5120
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5121
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5122
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5123
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5124
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5125
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5126
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5127
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5136
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5137
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5138
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5139
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5140
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5141
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5142
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5143
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5144
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5145
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5146
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5147
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5148
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5149
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5150
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5151
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5152
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5153
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5154
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5155
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5156
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5157
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5158
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5159
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5168
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5169
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5170
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5376
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5377
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5378
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5379
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5380
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5381
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5382
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5440
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5441
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5442
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5443
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5444
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5446
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5447
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5448
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5449
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5450
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5451
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5452
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5453
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5456
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5457
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5458
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5459
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5460
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5461
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5462
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5463
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5464
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5465
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5466
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5467
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5468
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5471
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5472
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5473
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5474
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5477
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5478
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5479
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5480
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5483
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5484
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5485
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5632
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5633
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5712
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5888
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5889
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=5890
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6144
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6145
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6272
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6273
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6274
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6275
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6276
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6277
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6278
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6279
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6280
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6281
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6400
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6401
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6402
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6403
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6404
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6405
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6406
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6407
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6408
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6409
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6410
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6416
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6417
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6418
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6419
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6420
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6421
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6422
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6423
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=6424
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=8191
-
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/
-
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/get-winevent
-
https://msdn.microsoft.com/library/windows/desktop/bb427443(v=vs.85).aspx
-
https://en.wikipedia.org/wiki/security_information_and_event_management
-
https://learn.microsoft.com/en-us/sysinternals/downloads/sdelete
-
https://twitter.com/markrussinovich
-
https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
-
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/#_ftn1
-
https://ajpc500.github.io/c2/Using-CloudFlare-Workers-as-Redirectors/
-
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/#_ftn2
-
https://lolbas-project.github.io/lolbas/Libraries/comsvcs/
-
https://www.cobaltstrike.com/
-
https://www.offensive-security.com/metasploit-unleashed/about-meterpreter/
-
https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control
-
https://opentip.kaspersky.com/106BC66F5A6E62B604D87FA73D70A708/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
https://lolbas-project.github.io/lolbas/Scripts/Syncappvpublishingserver/
-
https://opentip.kaspersky.com/F0829E688209CA94305A256B25FEFAF0/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
http://www.tixati.com/
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01134741/The_most_interesting_recent_MDR_cases_01.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01134809/The_most_interesting_recent_MDR_cases_02.png
-
https://opentip.kaspersky.com/383D20DE8F94D12A6DED1E03F53C1E16/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01140050/The_most_interesting_recent_MDR_cases_03.png
-
https://learn.microsoft.com/ru-ru/sysinternals/downloads/psexec
-
https://opentip.kaspersky.com/6C62BEED54DE668234316FC05A5B2320/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
https://opentip.kaspersky.com/B83C9905F57045110C75A950A4EE56E4/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
https://opentip.kaspersky.com/AE03B4C183EAA7A4289D8E3069582930/?utm_source=SL&utm_medium=SL&utm_campaign=SL
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01143525/The_most_interesting_recent_MDR_cases_04.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151203/The_most_interesting_recent_MDR_cases_05.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151250/The_most_interesting_recent_MDR_cases_06.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151332/The_most_interesting_recent_MDR_cases_07.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151418/The_most_interesting_recent_MDR_cases_08.png
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151454/The_most_interesting_recent_MDR_cases_09.png
-
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/#_ftnref1
-
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/#_ftnref2
-
https://www.kaspersky.com/about/press-releases/2022_kaspersky-edr-expert-confirms-100-protection-from-lsass-attacks-in-av-comparatives-research
-
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/
-
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/11/01151601/The_most_interesting_recent_MDR_cases_10.png
-
https://www.calcomsoftware.com/principles-in-active-directory-security/
-
https://www.calcomsoftware.com/kerberos-tickets-and-authentication-in-active-directory/
-
https://www.calcomsoftware.com/server-hardening-suite/?utm_source=blogpost&utm_medium=blog&utm_campaign=blogpost
-
https://www.calcomsoftware.com/windows-swerver-vulnerabilities/
-
https://ir0nstone.gitbook.io/notes/types/stack/introduction
-
https://tryhackme.com/room/bof1
-
https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000001-stack-based-overflow-50fe48d58f10
-
https://dmz.torontomu.ca/wp-content/uploads/2021/03/Binary-Exploitation-201.pdf
-
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Upload%20Insecure%20Files/Configuration%20IIS%20web.config/web.config
-
https://soroush.secproject.com/blog/2014/07/upload-a-web-config-file-for-fun-profit/
-
https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/IIS.fuzz.txt
-
http://itdrafts.blogspot.com/2013/02/aspnetclient-folder-enumeration-and.html
-
https://github.com/digination/dirbuster-ng/blob/master/wordlists/vulns/iis.txt
-
https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/SVNDigger/cat/Language/aspx.txt
-
https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/SVNDigger/cat/Language/asp.txt
-
https://raw.githubusercontent.com/xmendez/wfuzz/master/wordlist/vulns/iis.txt
-
https://blog.mindedsecurity.com/2018/10/from-path-traversal-to-source-code-in.html
-
https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
-
https://github.com/irsdl/IIS-ShortName-Scanner
-
https://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_vulnerability_feature.pdf
-
https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/
-
https://infosecwriteups.com/how-i-hacked-facebook-part-two-ffab96d57b19
-
https://blog.orange.tw/2022/08/lets-dance-in-the-cache-destabilizing-hash-table-on-microsoft-iis.html
-
https://portswigger.net/web-security/file-path-traversal
-
https://portswigger.net/web-security/file-upload#exploiting-flawed-validation-of-file-uploads
-
https://portswigger.net/web-security/information-disclosure/exploiting#source-code-disclosure-via-backup-files
-
https://portswigger.net/web-security/information-disclosure
-
https://portswigger.net/web-security/all-labs#file-upload-vulnerabilities
-
https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload
-
https://portswigger.net/web-security/file-upload
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F6784.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F28620.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2006-3918
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F10241.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2002-0840
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F5156.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2000-1104
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2005-2379
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2006-0032
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F5566.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2007-1499
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F17810.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F7291.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F43713.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F32737.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2007-0939
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F5441.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2000-0942
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F8659.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2002-0504
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F8539.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fwww.iss.net%2Fsecurity_center%2Fstatic%2F34343.php
-
https://www.ibm.com/links?url=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2007-2581
-
https://twitter.com/share?url=https%3a%2f%2fportswigger.net%2fweb-security%2ffile-upload&text=File+uploads+%7c+Web+Security+Academy%0A
-
https://github.com/cldrn/macphish
-
https://github.com/cedowens/Mythic-Macro-Generator
-
https://book.hacktricks.xyz/generic-methodologies-and-resources/phishing-methodology/phishing-documents
-
https://www.ired.team/offensive-security/initial-access/phishing-with-ms-office/inject-macros-from-a-remote-dotm-template-docx-with-macros
-
https://www.ired.team/offensive-security/initial-access/phishing-with-ms-office/t1173-dde
-
https://www.techtarget.com/searchwindowsserver/Comprehensive-PowerShell-guide-for-new-and-seasoned-admins
-
https://www.techtarget.com/searchwindowsserver/tip/Why-move-to-PowerShell-7-from-Windows-PowerShell
-
https://www.techtarget.com/searchwindowsserver/tip/Getting-a-handle-on-certificate-management-in-Windows-shops
-
https://www.techtarget.com/searchwindowsserver/tip/Understanding-the-parameters-of-Windows-PowerShell-functions
-
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/export-clixml?view=powershell-7
-
https://www.techtarget.com/searchwindowsserver/tutorial/PowerShell-7-remoting-expands-management-horizons
-
https://www.techtarget.com/searchwindowsserver/tutorial/Implement-simple-server-monitoring-with-PowerShell
-
https://blog.trendmicro.com/trendlabs-security-intelligence/word-and-excel-files-infected-using-windows-powershell/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/another-potential-muddywater-campaign-uses-powershell-based-prb-backdoor/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/iqy-and-powershell-abused-by-spam-campaign-to-infect-users-in-japan-with-bebloh-and-ursnif/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/miner-malware-spreads-beyond-china-uses-multiple-propagation-methods-including-eternalblue-powershell-abuse/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/purple-fox-fileless-malware-with-rookit-component-delivered-by-rig-exploit-kit-now-abuses-powershell/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/new-powershell-based-backdoor-found-in-turkey-strikingly-similar-to-muddywater-tools/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/analysis-abuse-of-custom-actions-in-windows-installer-msi-to-run-malicious-javascript-vbscript-and-powershell-scripts/
-
https://blog.trendmicro.com/trendlabs-security-intelligence/monero-mining-malware-pcastle-zeroes-back-in-on-china-now-uses-multilayered-fileless-arrival-techniques/
-
https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/espionage-cyber-propaganda-two-years-of-pawn-storm
-
https://blog.trendmicro.com/trendlabs-security-intelligence/cyber-propaganda-influenced-politics-2016/
-
https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/equifax-reveals-extent-of-2017-data-breach-number-of-stolen-records
-
https://www.trendmicro.com/vinfo/ph/security/news/internet-of-things/drilling-deep-a-look-at-cyberattacks-on-the-oil-and-gas-industry
-
https://help.deepsecurity.trendmicro.com/log-inspection.html
-
https://help.deepsecurity.trendmicro.com/welcome.html
-
http://www.diva-portal.org/smash/get/diva2:1333165/FULLTEXT01.pdf
-
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/tracking-detecting-and-thwarting-powershell-based-malware-and-attacks
-
https://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html
-
https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1059.001/T1059.001.md
-
https://uncoder.io/
-
https://devblogs.microsoft.com/powershell/powershell-injection-hunter-security-auditing-for-powershell-scripts/
-
https://github.com/PowerShellMafia/PowerSploit
-
https://github.com/samratashok/nishang
-
https://cybersectalk.com/2021/08/09/how-to-monitor-and-detect-malicious-powershell-scripts/
-
https://delinea.com/what-is/privileged-account
-
https://docs.microsoft.com/en-us/windows/win32/secauthz/privileges
-
https://docs.microsoft.com/en-us/windows/win32/secauthz/user-account-control
-
https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/security-identifiers
-
https://delinea.com/blog/top-7-types-of-privileged-accounts-to-protect
-
https://www.netmux.com/blog/operator-handbook
-
https://delinea.com/blog/windows-privilege-escalation
-
https://github.com/rasta-mouse/Watson
-
https://github.com/rasta-mouse/Sherlock
-
https://github.com/AlessandroZ/BeRoot
-
https://github.com/GDSSecurity/Windows-Exploit-Suggester
-
https://github.com/pentestmonkey/windows-privesc-check
-
https://github.com/abatchy17/WindowsExploits
-
https://github.com/absolomb/WindowsEnum
-
https://github.com/GhostPack/Seatbelt
-
https://github.com/M4ximuss/Powerless
-
https://github.com/411Hall/JAWS
-
https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
-
https://github.com/bitsadmin/wesng
-
https://github.com/itm4n/PrivescCheck
-
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Hash%20Cracking.md#hashcat
-
https://github.com/nheiniger/SnaffPoint
-
https://github.com/nheiniger/SnaffPoint/pull/6
-
https://github.com/SnaffCon/Snaffler
-
https://github.com/Arvanaghi/SessionGopher
-
https://web.archive.org/web/20080530012252/http:/live.sysinternals.com/accesschk.exe
-
https://github.com/phackt/pentest/blob/master/privesc/windows/accesschk-XP.exe
-
https://twitter.com/Warlockobama/status/1067890915753132032
-
https://github.com/SecWiki/windows-kernel-exploits
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS17-017
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/CVE-2017-8464
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/CVE-2017-0213
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/CVE-2018-0833
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/CVE-2018-8120
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS17-010
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-135
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-111
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-098
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-075
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-034
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-032
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-016
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-014
-
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/MS03-026
-
https://github.com/jacob-baines/concealed_position
-
https://nvd.nist.gov/vuln/detail/CVE-2021-35449
-
https://nvd.nist.gov/vuln/detail/CVE-2021-38085
-
https://nvd.nist.gov/vuln/detail/CVE-2019-19363
-
https://nvd.nist.gov/vuln/detail/CVE-2020-1300
-
https://lolbas-project.github.io/
-
https://github.com/gtworek/Priv2Admin
-
https://twitter.com/Defte_
-
https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/Conjure-LSASS.ps1
-
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15732
-
https://www.greyhathacker.net/?p=1025
-
https://twitter.com/parvezghh
-
https://github.com/gtworek/PSBits/blob/master/Misc/EnableSeRestorePrivilege.ps1
-
https://github.com/foxglovesec/RottenPotato
-
https://github.com/breenmachine/RottenPotatoNG
-
https://github.com/ohpe/juicy-potato/releases
-
https://ohpe.it/juicy-potato/CLSID/Windows_7_Enterprise
-
https://ohpe.it/juicy-potato/CLSID/Windows_8.1_Enterprise
-
https://ohpe.it/juicy-potato/CLSID/Windows_10_Enterprise
-
https://ohpe.it/juicy-potato/CLSID/Windows_10_Pro
-
https://ohpe.it/juicy-potato/CLSID/Windows_Server_2008_R2_Enterprise
-
https://ohpe.it/juicy-potato/CLSID/Windows_Server_2012_Datacenter
-
https://ohpe.it/juicy-potato/CLSID/Windows_Server_2016_Standard
-
https://github.com/antonioCoco/RoguePotato
-
https://github.com/zcgonvh/EfsPotato
-
https://github.com/antonioCoco/JuicyPotatoNG
-
https://gist.github.com/xct/3949f3f4f178b1f3427fae7686a2a9c0
-
https://github.com/xct/diaghub
-
https://github.com/Accenture/AARO-Bugs/tree/master/CVE-2020-5825/TrigDiag
-
https://github.com/decoder-it/diaghub_exploit
-
https://github.com/itm4n/UsoDllLoader
-
https://github.com/sailay1996/WerTrigger
-
https://github.com/binderlabs/DirCreate2System
-
https://packetstormsecurity.com/files/14437/hhupd.exe.html
-
https://www.zerodayinitiative.com/blog/2019/11/19/thanksgiving-treat-easy-as-pie-windows-7-secure-desktop-escalation-of-privilege
-
https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/icacls
-
https://web.archive.org/web/20191231011305/https:/xapax.gitbooks.io/security/content/privilege_escalation_windows.html
-
https://guif.re/windowseop
-
https://addaxsoft.com/wpecs/
-
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
-
http://www.fuzzysecurity.com/tutorials/16.html
-
https://hackmag.com/security/elevating-privileges-to-administrative-and-further/
-
https://decoder.cloud/2017/02/21/the-system-challenge/
-
https://github.com/dostoevskylabs/dostoevsky-pentest-notes/blob/master/chapter-4.md
-
https://www.tecklyfe.com/remediation-microsoft-windows-unquoted-service-path-enumeration-vulnerability/
-
https://pentestlab.blog/2017/04/19/stored-credentials/
-
https://pentestlab.blog/2017/04/24/windows-kernel-exploits/
-
https://pentestlab.blog/2017/04/04/dll-injection/
-
https://pentestlab.blog/2017/03/30/weak-service-permissions/
-
https://pentestlab.blog/2017/03/27/dll-hijacking/
-
https://pentestlab.blog/2017/04/13/hot-potato/
-
https://pentestlab.blog/2017/03/20/group-policy-preferences/
-
https://pentestlab.blog/2017/03/09/unquoted-service-path/
-
https://pentestlab.blog/2017/02/28/always-install-elevated/
-
https://pentestlab.blog/2017/04/03/token-manipulation/
-
https://pentestlab.blog/2017/04/07/secondary-logon-handle/
-
https://pentestlab.blog/2017/03/31/insecure-registry-permissions/
-
https://pentestlab.blog/2017/06/14/intel-sysret/
-
https://blog.xpnsec.com/becoming-system/
-
https://github.com/LOLBAS-Project/LOLBAS
-
https://web.archive.org/web/20191105182846/https:/amonsec.net/2018/09/23/Common-Windows-Misconfiguration-Services.html
-
https://github.com/sagishahar/lpeworkshop/blob/master/Local%20Privilege%20Escalation%20Workshop%20-%20Slides.pdf
-
https://vulndev.io/2019/03/06/abusing-diaghub/
-
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
-
https://itm4n.github.io/usodllloader-part2/
-
https://www.elladodelmal.com/2020/03/hacking-trick-environment-variable-path.html?m=1
-
https://www.tarlogic.com/en/blog/abusing-seloaddriverprivilege-for-privilege-escalation/
-
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
-
https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks
-
https://shells.systems/post-bypassing-applocker-by-abusing-hashinfo/
-
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
-
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#mitre-attck-persistence-techniques
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#scenario
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#persistence-with-powershell-empire
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#powershell-empire-persistence-modules
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#obtaining-a-high-integrity-agent-with-empire
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#persistence-through-windows-registry
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#persistence-through-scheduled-tasks
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/#persistence-through-creating-local-accounts
-
https://www.linode.com/docs/guides/windows-red-team-persistence-techniques/
-
https://fuzzysecurity.com/tutorials/19.html
-
https://github.com/ayeskatalas/Sophos-Removal-Tool/
-
https://knowledge.broadcom.com/external/article/178870/download-the-cleanwipe-removal-tool-to-u.html
-
https://www.elastic.co/guide/en/fleet/current/uninstall-elastic-agent.html
-
https://mrd0x.com/cortex-xdr-analysis-and-bypass/
-
https://github.com/GhostPack/ForgeCert
-
http://pwnwiki.io/#!persistence/windows/index.md
-
http://www.youtube.com/watch?v=K7o9RSVyazo
-
https://www.mdsec.co.uk/2020/02/iis-raid-backdooring-iis-using-native-modules/
-
https://iwantmore.pizza/posts/arbitrary-write-accessibility-tools.html
-
https://github.com/netbiosX/Checklists/blob/master/Persistence.md
-
https://pentestlab.blog/2020/01/14/persistence-winlogon-helper-dll/
-
https://pentestlab.blog/2019/10/30/persistence-bits-jobs/
-
https://pentestlab.blog/2020/01/13/persistence-image-file-execution-options-injection/
-
https://pentestlab.blog/2019/10/01/persistence-registry-run-keys/
-
https://pentestlab.blog/2021/11/15/golden-certificate/
-
https://embracethered.com/blog/posts/2020/shadowbunny-virtual-machine-red-teaming-technique/
-
https://www.elastic.co/guide/en/security/current/persistence-via-wmi-event-subscription.html
-
https://www.britannica.com/topic/Project-Mac
-
https://ei.cs.vt.edu/~history/Daemon.html
-
https://www.britannica.com/science/Maxwells-demon
-
https://www.britannica.com/biography/James-Clerk-Maxwell
-
https://itsfoss.com/linux-daemons/
-
https://www.makeuseof.com/linux-standard-input-output/
-
https://www.makeuseof.com/use-xargs-process-piped-arguments-linux/
-
https://www.makeuseof.com/ps-command-linux/
-
https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux?intcmp=701f20000012ngPAAQ
-
https://www.redhat.com/en/engage/linux-management-ebook-s-201912231121?intcmp=701f20000012ngPAAQ
-
https://www.redhat.com/sysadmin/rsyslog-systemd-journald-linux-logs
-
https://www.linux.com/learn/sysadmin/viewing-linux-logs-command-line
-
https://stackify.com/syslog-101/
-
https://stackify.com/13-ways-to-tail-a-log-file-on-windows-unix/
-
https://stackify.com/log-management/
-
https://stackify.com/retrace/
-
https://www.eurovps.com/blog/important-linux-log-files-you-must-be-monitoring
-
http://ossec-docs.readthedocs.io/en/latest/log_samples/linux/cron.html
-
http://ossec-docs.readthedocs.io/en/latest/log_samples/linux/syslogd.html
-
http://ossec-docs.readthedocs.io/en/latest/log_samples/linux/kernel.html
-
https://stackify.com/linux-logs/#:~:text=Linux%20logs%20will%20display%20with,view%20everything%20under%20the%20syslog
-
https://www.graylog.org/post/2020/12/09/
-
https://www.graylog.org/post/must-have-features-for-your-log-management-software
-
https://www.graylog.org/post/how-to-use-graylog-as-a-syslog-server
-
https://www.graylog.org/features/archiving
-
https://www.graylog.org/videos/json-extractor
-
https://www.graylog.org/features/gelf
-
https://www.graylog.org/features
-
http://httpd.apache.org/ABOUT_APACHE.html
-
https://strftime.org/
-
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
-
https://images.pexels.com/photos/1624895/pexels-photo-1624895.jpeg?auto=compress&cs=tinysrgb&dpr=2&h=750&w=1260
-
https://www.graylog.org/post/archiving-log-files-feature-guide-for-file-storage-and-archiving
-
https://github.com/gentoomaniac
-
https://regexr.com/
-
https://www.learnsteps.com/log-parsing-in-python-using-regular-expressions/
-
https://www.youtube.com/watch?v=ASDV7BeoDjA&ab_channel=SecurityNinja
-
https://datahack.analyticsvidhya.com/contest/data-science-blogathon-19/
-
https://www.analyticsvidhya.com/blog/2021/07/regular-expressions-in-python-a-beginners-guide/
-
https://docs.python.org/3/library/re.html
-
https://blackbelt.analyticsvidhya.com/plus?utm_source=blog_india&utm_medium=mobile_banner_between_articles&utm_campaign=17-Feb-2023||&utm_content=brochure
-
https://extendsclass.com/regex-tester.html
-
https://pythex.org/
-
https://pythex.org/?regex=(%3FP%3Capartment_num%3E%5Cd%2B)%5Cs*(%3FP%3Cstreet%3E%5Ba-z%5C.%5C-%5Cs%5Cd%5D%2B)%5C.%3F%5C%2C%3F%5Cs*(%3FP%3Ccity%3E%5Ba-z%5D%2B)%5C%2C%3F%5Cs*(%3FP%3Cstate%3E%5Ba-z%5D%7B2%7D)%5Cs*(%3FP%3Czipcode%3E%5Cd%2B)&test_string=555%20Wille%20Stargell%20Ave.%2C%20Alameda%2C%20CA%2094501%0A1210%20N.%20Atlantic%20Blvd.%2C%20Alhambra%2C%20CA%2091810%0A600%20S.%20Brookhurst%2C%20Anaheim%2C%20CA%2092804%0A1075%20W.%20I-20%2C%20Arlington%2C%20TX%2076017&ignorecase=1&multiline=0&dotall=0&verbose=0
-
https://github.com/CyberSecurityUP/Python-for-Security/blob/main/logfile.py
-
https://github.com/shubhamgoel-1410/Log-Analysis-Using-Regular-Expressions
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#ansible-playbooks
-
https://github.com/ansible/ansible-examples
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_async.html#playbooks-async
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#playbook-syntax
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#playbook-execution
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#task-execution
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#desired-state-and-idempotency
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#running-playbooks
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#ansible-pull
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#verifying-playbooks
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#ansible-lint
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id3
-
https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html#yaml-syntax
-
https://docs.ansible.com/ansible/latest/community/other_tools_and_programs.html#other-tools-and-programs
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id4
-
https://docs.ansible.com/ansible/latest/inventory_guide/intro_patterns.html#intro-patterns
-
https://docs.ansible.com/ansible/latest/collections_guide/collections_using_playbooks.html#collections-using-playbook
-
https://docs.ansible.com/ansible/latest/reference_appendices/playbooks_keywords.html#playbook-keywords
-
https://docs.ansible.com/ansible/latest/plugins/connection.html#connection-plugins
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#become
-
https://docs.ansible.com/ansible/latest/reference_appendices/general_precedence.html#general-precedence-rules
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id5
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_strategies.html#playbooks-strategies
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id6
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id7
-
https://docs.ansible.com/ansible/latest/cli/ansible-playbook.html#ansible-playbook
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id8
-
https://github.com/ansible/ansible-examples/blob/master/language_features/ansible_pull.yml
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id9
-
https://docs.ansible.com/ansible/latest/community/other_tools_and_programs.html#validate-playbook-tools
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html#id10
-
https://docs.ansible.com/ansible-lint/index.html
-
https://docs.ansible.com/ansible-lint/rules/default_rules.html
-
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html
-
https://geekflare.com/ansible-playbook/
-
https://www.spiceworks.com/tech/devops/articles/what-is-ansible/#:~:text=Ansible%20for%20DevOps,the%20most%20popular%20DevOps%20tool
-
https://www.youtube.com/watch?v=5-7dRvqo0yE&ab_channel=RedHatAnsibleAutomation
-
https://blueteamlabs.online
-
https://letsdefend.io
-
https://github.com/Technawi/SOC-Analyst-Diploma/tree/main/Network%20Security%20
-
https://gist.github.com/hasherezade/785f7da52dfd91fe9e59ae283df2e898
-
http://sym.__x86.get_pc_thunk.ax
-
http://exploit.py
-
http://domain.com
-
http://domain.com:443
-
http://test.py
-
http://normal-website.com
-
http://wscript.shell
-
http://shell.run
-
http://var_shell.run
-
http://legit.zip
-
http://schemas.openxmlformats.org/package/2006/relationships
-
http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate
-
http://Doc3.dot
-
http://schemas.microsoft.com/office/word/2010/wordprocessingCanvas
-
http://schemas.microsoft.com/office/drawing/2014/chartex
-
http://schemas.microsoft.com/office/drawing/2015/9/8/chartex
-
http://schemas.openxmlformats.org/markup-compatibility/2006
-
http://schemas.openxmlformats.org/officeDocument/2006/relationships
-
http://schemas.openxmlformats.org/officeDocument/2006/math
-
http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing
-
http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing
-
http://schemas.openxmlformats.org/wordprocessingml/2006/main
-
http://schemas.microsoft.com/office/word/2010/wordml
-
http://schemas.microsoft.com/office/word/2012/wordml
-
http://schemas.microsoft.com/office/word/2015/wordml/s
-
http://schemas.microsoft.com/office/word/2010/wordprocessingGroup
-
http://schemas.microsoft.com/office/word/2010/wordprocessingInk
-
http://schemas.microsoft.com/office/word/2006/wordml
-
http://schemas.microsoft.com/office/word/2010/wordprocessingShape
-
https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerUp/PowerUp.ps1'
-
http://Sherlock.ps
-
http://windows-exploit-suggester.py
-
http://jaws-enum.ps
-
http://wes.py
-
http://PrivescCheck.ps
-
https://your.sharepoint.com
-
http://your.onmicrosoft.com
-
https://learn.microsoft.com/en-us/sharepoint/dev/general-development/fast-query-language-fql-syntax-reference
-
https://raw.githubusercontent.com/Arvanaghi/SessionGopher/master/SessionGopher.ps1
-
http://SessionGopher.ps
-
http://PowerUp.ps
-
http://github.com/phackt
-
https://your-site.com/PowerUp.ps1'
-
https://github.com/matterpreter/OffensiveCSharp/tree/master/DriverQuery
-
https://github.com/Flangvik/DeployPrinterNightmare
-
https://lolbas-project.github.io
-
http://example.com/file.sct
-
https://github.com/gtworek/Priv2Admin,
-
https://github.com/itm4n/FullPowers
-
http://getsystem.py
-
https://github.com/sailay1996/tokenx_privEsc
-
http://Invoke-PowerShellTcp.ps
-
https://raw.githubusercontent.com/jivoi/pentest/master/exploit_win/ms08-067.py
-
http://MS08_067_2018.py
-
http://ms08-067.py
-
https://www.exploit-db.com/exploits/11199
-
https://www.exploit-db.com/exploits/18176
-
https://github.com/rootphantomer/exp/raw/master/ms15-051%EF%BC%88%E4%BF%AE%E6%94%B9%E7%89%88%EF%BC%89/ms15-051/ms15-051/Win32/ms15-051.exe
-
https://github.com/rootphantomer/exp/raw/master/ms15-051%EF%BC%88%E4%BF%AE%E6%94%B9%E7%89%88%EF%BC%89/ms15-051/ms15-051/x64/ms15-051.exe
-
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS15-051
-
https://www.exploit-db.com/exploits/39719/
-
https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/Invoke-MS16-032.ps1
-
https://github.com/Meatballs1/ms16-032
-
https://github.com/helviojunior/MS17-010
-
http://send_and_execute.py
-
http://amAK.xyz
-
http://Pentestlab.blog
-
http://Tool.ps
-
https://github.com/0x09AL/IIS-Raid
-
http://iis_controller.py
-
https://download.virtualbox.org/virtualbox/6.1.8/VirtualBox-6.1.8-137981-Win.exe
-
https://aka.ms/wsl-debian-gnulinux
-
https://stackify.com/linux-logs/#:~:text=Linux%20logs%20will%20display%20with,view%20everything%20under%20the%20syslog.
-
https://regexr.com
-
http://pythex.org
-
http://regex_obj.search
-
http://match_obj.group
-
http://re.search
-
http://gmail.com
-
http://hari029yahoo.com
-
http://Manifold.net
-
http://match.group
-
https://www.spiceworks.com/tech/devops/articles/what-is-ansible/#:~:text=Ansible%20for%20DevOps,the%20most%20popular%20DevOps%20tool.
- Show all
-