Archive - Detection Engineering of Black Lantern Security (BLSOPS)

Detecting Process Injection

Evasion Techniques and Detection Strategies for Memory-Resident Malware

Jul 16, 2024 •

Adeem Mawani

October 2022

Mapping Windows Audit Log Settings to MITRE Data Sources for Rabobank-CDC DeTT&CT

Use the DeTT&CT framework to assess TTP coverage, perform gap analysis, and prioritize detection engineering efforts

Oct 5, 2022 •

,

, and

June 2021

Detecting LDAP Recoannaissance

Techniques to Identify Active Directory Enumeration

Jun 28, 2021 •

Adeem Mawani

December 2020

Detecting DCSync

Understanding and Detecting MITRE T1003.006 - OS Credential Dumping: DCSync

Dec 4, 2020 •

Brian O'Hara

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts