ADSISearcher
What is ADSISearcher? ADSISearcher is a simplification of the .NET class `System.DirectoryServices.DirectorySearcher` in PowerShell. It allows you to make LDAP queries to retrieve data from the Active Directory, such as […]
Alert Assistant
What is an Alert Assistant and why is it important in cyber security? An alert assistant is an automated monitoring system that detects potential security incidents and alerts the user. […]
Alert Dashboard
What is an Alert Dashboard? An alert dashboard is a central interface that displays security alerts in real time from various sources such as SIEM (Security Information and Event Management), […]
Command and Control (C&C)
What is command and control (C&C) in cyber security? Command and control (C&C) refers to the communication infrastructure that attackers use to control compromised systems or networks. This infrastructure enables […]
Compromise Assessment
What is a Compromise Assessment? A Compromise Assessment is a thorough and structured review of an organization’s entire IT environment to determine whether a cyberattack has occurred or is currently […]
Data Loss Prevention (DLP)
What is Data Loss Prevention (DLP) and how does it work? Data loss prevention (DLP) refers to technologies, strategies and processes that serve to protect sensitive data from loss, theft […]
DNS tunnel
What is DNS tunneling and how does it work? DNS tunneling is a technique that abuses the Domain Name System (DNS) to transmit data or communications that would normally be […]
Dropper
What is a dropper? A dropper is a type of malicious software (malware) that has been specially developed to install other malicious programs on a target system. Its primary purpose […]
LOLBAS/LOLBins
What is a LOLBin? An LOLBin (Living Off The Land Binary) is a legitimate system file or script that was originally developed for administrative or diagnostic purposes. However, attackers use […]
MFA – Multi-factor authentication
What is multi-factor authentication (MFA)? Multi-factor authentication (MFA) is a security method that requires users to provide multiple independent proofs of their identity before they are granted access to a […]
