Misc Research
Open notes on defensive security, Windows Internals and more
Just the stuff I find interesting.
Latest
The following notes try to document the meaning behind some events and fields provided by this provider.
ETW - Microsoft-Windows-SMBClient - Event Details
etw windows
Intune Management Extension included on Intune Managed Devices.
Living off the Land - AgentExecutor
lolbin windows
The curl utility can accept percent encoded URLs, which can be used to bypass certain filters. Let's take for example the following URL: Encoded, it would look like this: Surprisin…
Living off the Land - Curl
lolbin windows