Thanks for sharing this, you are a fantastic teacher! Looking forward to more content 🦾
Thank you so much for the kind words and the support through the super thanks! This is my first one and really means a lot :) If there is anything else I can do, don't hesitate to reach out.
Thanks for sharing, your effort is very appreciated!
You're very welcome, glad to hear you enjoyed it!
Thanks for another insight ❤.
You are so welcome
Great work!
Thanks!
+1 for the liquid dnb at the beginning
Thanks! I have no real system to picking the music other than I think it sounds good :)
Awesome! Please, please continue the series!
Episode 4 is tomorrow :) Thanks for the feedback!
Wonderful content. Thanks, your explanations are very easy to understand. Keep it up please :)
Thanks, will do!
Great explanation Sir, Thanks for the Knowledge sharing 👍
My pleasure 🙏
awesome
Thank you :)
Brilliant content !!
Thank you :)
Great stuff 👍
Thank you :)
is there any way to spot process injection in procmon logs? @jstrosch
Not that I'm aware of with ProcMon. I've looked/asked around a bit and nothing has come up. If you do find something please let me know, I'd be happy to make a video out of it!
@jstrosch never mind, I extensively looked for an answer in my past without any success ... probably there is no means at all.
Edit: Thanks btw
@ghibbster Good to know we're at least finding the same lack of results... thanks for the update!
In the command line for Conhost.exe (3804) what does the parameter "0xffffffff -ForceV1" signify?
Here's a great answer on LinkedIn from a colleague - www.linkedin.com/posts/ryanjchapman_dfir-blueteam-cybersecurity-activity-7057458353047801857-_BVK/. This should answer your question!
Great content, but it is difficult to follow without knowing the password to unzip the pcap. What is the password to unzip the pcap?
It's posted on the website where you download it - thecyberyeti