ETW vs Sysmon Against C2 Servers

by Damon Mohammedbeger In this article, I want to talk about my research about ETW and Sysmon and how I can use these events for detection against C2 servers like Cobalt Strike, PoshC2, Sliver and, as always, Metasploit. So, as a pentester and security researcher, I tried to work on....

Read the rest of this story with a free account.

Already have an account? Sign in

March 1, 2023

Author

Bruno Zwierz

Latest Articles

Official2023.02.22Windows Privilege Escalation: The Concepts of Hijacking Execution Flow
Official2023.02.22Building Intuition into Monitoring for OT/ICS Security
Official2023.02.22WiFi Pentesting with Airodump-ng
Official2023.02.21ETW vs Sysmon Against C2 Servers

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment

Newest

Oldest Most Voted

Inline Feedbacks

View all comments

fnaf12

5 months ago

I encourage you to participate in poppy playtime whenever you get the chance. This is a wonderful activity for relieving tension and unwinding after a long day.

ETW vs Sysmon Against C2 Servers

Author

Latest Articles

Join Us

https://pentestmag.com/wp-content/uploads/2023/06/PenTeswhitet.svg

ETW vs Sysmon Against C2 Servers

Author

Latest Articles

Join Us

Thank you!

https://pentestmag.com/wp-content/uploads/2023/06/PenTeswhitet.svg