top of page
![](https://static.wixstatic.com/media/5cad07_649bbe7f590f4b0099aa92af3ccd3255~mv2.png/v1/fill/w_1024,h_1024,al_c,q_90,enc_avif,quality_auto/5cad07_649bbe7f590f4b0099aa92af3ccd3255~mv2.png)
Search
![A BITS of a Problem - Investigating BITS Jobs](https://static.wixstatic.com/media/5cad07_81f2592fdf2943efa50d5c0972bcceb6~mv2.png/v1/fill/w_451,h_339,fp_0.50_0.50,q_95,enc_auto/5cad07_81f2592fdf2943efa50d5c0972bcceb6~mv2.webp)
5 days ago8 min read
A BITS of a Problem - Investigating BITS Jobs
Investigate BITS jobs and identify the event logs and database associated with this!
![Lateral Movement - Remote Desktop Protocol (RDP) Artifacts](https://static.wixstatic.com/media/5cad07_24364734067247998907b0173b83ecb6~mv2.png/v1/fill/w_451,h_339,fp_0.50_0.50,q_95,enc_auto/5cad07_24364734067247998907b0173b83ecb6~mv2.webp)
Nov 18, 202410 min read
Lateral Movement - Remote Desktop Protocol (RDP) Artifacts
Learn about the various artifacts created to help investigate lateral movement via RDP on both the source and target system
![Lateral Movement - Remote Desktop Protocol (RDP) Event Logs](https://static.wixstatic.com/media/5cad07_1896568c5a84434cb866745c38e1259c~mv2.png/v1/fill/w_451,h_339,fp_0.50_0.50,q_95,enc_auto/5cad07_1896568c5a84434cb866745c38e1259c~mv2.webp)
Oct 1, 20247 min read
Lateral Movement - Remote Desktop Protocol (RDP) Event Logs
Identify the important Windows Event logs to hunt RDP lateral movement, both from the source and target system.
![](https://static.wixstatic.com/media/5cad07_5a84b7e6137b496886defba0fb6cad55~mv2.jpeg/v1/fill/w_250,h_250,fp_0.50_0.50,q_30,blur_30,enc_auto/5cad07_5a84b7e6137b496886defba0fb6cad55~mv2.webp)
![RDP Bitmap Cache - Piece(s) of the Puzzle](https://static.wixstatic.com/media/5cad07_5a84b7e6137b496886defba0fb6cad55~mv2.jpeg/v1/fill/w_451,h_339,fp_0.50_0.50,q_90,enc_auto/5cad07_5a84b7e6137b496886defba0fb6cad55~mv2.webp)
Jul 28, 20246 min read
RDP Bitmap Cache - Piece(s) of the Puzzle
Investigate the puzzle pieces of RDP bitmap cache and how to stitch these together to get the (sorta) full picture.
![Windows Defender MP Logs - A Story of Artifacts](https://static.wixstatic.com/media/5cad07_e6a9d408a5ee497d804e8f37c91c0ddb~mv2.png/v1/fill/w_451,h_339,fp_0.50_0.50,q_95,enc_auto/5cad07_e6a9d408a5ee497d804e8f37c91c0ddb~mv2.webp)
Jun 19, 20245 min read
Windows Defender MP Logs - A Story of Artifacts
What are the Windows Defender MP logs? What information do they contain and how can we use them in an investigation?
![Minimizing Malicious Script Execution](https://static.wixstatic.com/media/5cad07_d452ce23158b46d9b5c218783a83ff6d~mv2.png/v1/fill/w_451,h_339,fp_0.50_0.50,q_95,enc_auto/5cad07_d452ce23158b46d9b5c218783a83ff6d~mv2.webp)
Mar 28, 20244 min read
Minimizing Malicious Script Execution
Learn some quick wins to minimize malicious script execution.
bottom of page