Hypersec

🏆List of critical security events to review during an incident

فهرست رویدادهای امنیتی حیاتی که در طول یک حادثه باید بررسی شوند.

#SOC
#EventID
#soorin
@hypersec
شرکت دانش بنیان سورین

👍2🙏2👏1👌1

576 views09:43

Hypersec

sysmon.pdf

323.8 KB

🔍SYSMON EVENT ID🔎

#SOC
#EventID
#soorin
@hypersec
شرکت دانش بنیان سورین

👍3🤩2❤1

568 views10:44

Hypersec

لاگ های مهم ویندوز جهت مانیتورینگ و تحلیل:

4688: A new process has been created

5156: The Windows Filtering Platform has allowed connection

7045: A service was installed in the system

4657: A registry value was modified

4660: An object was deleted

4663: An attempt was made to access, modify, delete an object

7036: a service has entered the stopped state

7040: a service has disabled

#SOC
#EventID
#soorin
@hypersec

شرکت دانش بنیان سورین

🤩2

728 viewsedited 04:38

Hypersec

logon event type.pdf

601.9 KB

🖇Windows Event Log Analysis & Incident
Response Guid🔎🔍

#SOC
#EventID
#soorin
@hypersec
✳️شرکت دانش بنیان سورین✳️

612 viewsedited 05:39

Hypersec

🔏SOC Multi Tool🔏

Chrome Extension for quick:

IP/Domain Reputation Lookup
IP/ Domain Info Lookup
Hash Reputation Lookup (
Decoding of Base64 & HEX using CyberChef
File Extension & Filename Lookup

and more (view pic)

https://chrome.google.com/webstore/detail/soc-multi-tool/diagjgnagmnjdfnfcciocmjcllacgkab/

#SOC
#EventID
#soorin
@hypersec
شرکت دانش بنیان سورین

584 viewsedited 07:46

Hypersec

Windows Forensic Commands

470.1 KB

📕Windows forensic
Commands📘

#SOC
#EventID
#soorin
@hypersec
شرکت دانش بنیان سورین

605 views04:38

Hypersec

Enhancing Cyber Defense with Windows Security Event Logs.pdf

86.7 KB

🔒 Enhancing Cyber Defense with Windows Security Event Logs 🔍📊

#EventId
#Book
#security

@hypersec
شرکت دانش بنیان سورین

👍1

760 views04:38