GitHub

detect_empire_with_powershell_script_block_logging.yml

description: The following analytic detects suspicious PowerShell execution indicative of PowerShell-Empire activity. It leverages PowerShell Script Block Logging (EventCode=4104) to capture and ...
GitHub

debugging-python-in-visual-studio.md

Visual Studio installed with support for Python workloads. For more information, see Install Python support in Visual Studio. Python code to use with the debugger. If you want to control your Python ...
LinkedIn

How to use Cosmos DB for Table in PowerShell with Invoke-WebRequest (and a module to make ...

This article is to help users who want to use Cosmos DB for Table, instead of Azure Storage Tables, in their PowerShell Scripts and Azure Automation Runbooks. I think the reason behind this lack of ...
Bitdefender

Deep Dive Into A FIN8 Attack – A forensic investigation

During a recent investigation, our researchers encountered a new version of the BADHATCH malware used by the well-known threat actor, FIN8. We previously reported that FIN8 was working on a new ...
LinkedIn

Useful Powershell commands for Microsoft Word automation:

a. The following command is used to create an MS Word Application object: $word = New-Object -comobject Word.Application Let’s assign the object to a variable ...