Tales of a Blue Teamer: Detecting Powershell Empire shenanigans with Sysinternals
Sysinternals is my go-to Windows toolkit for malware analysis, incident response, and troubleshooting. Sysinternals contains tools that let the user analyze the inner workings of a Windows system. In this blog post, I will be covering how to use Sysinternals in Red vs. Blue competitions to detect Red team activity. DISCLAIMER The information contained …