-
Recent Posts
- Talking about RFC 9424 – Indicators of Compromise (IoCs) and Their Role in Attack Defence
- PowerShell Basic Introduction (Security Version)
- Improving Technical Interviews
- AnyDesk Forensic Analysis and Artefacts
- Log4J/Log4Shell Video Glossary
- HatsOffSecurity on YouTube
- How to Create a Good Security CTF
- NoScript Plugin Forensic Investigation – Firefox/ToR Browser
- Keybase.io Forensics Investigation
- When is Index.dat not Evidence of Browsing
Categories
- anydesk
- Attack
- Browser Forensics
- Brute force
- Chrome
- Competition
- Competitions
- Containment
- Content Delivery Manager
- Cookies
- Cryptography
- CTF
- Cyber
- Cyber Security Challenge
- Decoding Time
- Encrypted Traffic
- Firefox
- Forensic Readiness Plan
- General
- Google Analytics
- Google Chrome
- Google Rapid Response
- Group Policy
- GRR
- Hardening
- Heartbleed
- Identification
- Incident Response
- Internet Explorer
- Interviews
- Introduction
- IoCs
- Jump Lists
- Keybase
- Link FIles
- Linux Forensics
- Memory Forensics
- Microsoft Edge
- My Two Cents
- Network Analytics
- Network Forensics
- pass the hash
- PCAP Analysis
- Pen Testing
- PowerShell
- Preparation
- Protocol
- ReadyBoost
- Research
- Safari
- SANS
- Shared Folders
- Shellshock
- SMB
- SSH
- TOR
- Uncategorized
- USB Forensics
- Windows Forensics
- Windows Registry Forensics
- Windows Registry Forensics
- Windows Spotlight
- Windows XP
- Wireshark
CyberLinks
- Follow Hats Off Security on WordPress.com
Category Archives: Introduction
Talking about RFC 9424 – Indicators of Compromise (IoCs) and Their Role in Attack Defence
Discussing the newly published RFC 9424 and how IoCs can be used to build better defences, without relying on looking backwards. Continue reading
Posted in Attack, Cyber, General, Hardening, Incident Response, Introduction, IoCs, Windows Forensics
Tagged basics, defence in depth, folder location, hats off security, How to apply IOCs, ioc lifecycle, IoCs, IoCs Explained, pyramid of pain, rfc 9424, RFC9424, scheduled task name, sha256, understanding RFC9424
Leave a comment
How to Create a Good Security CTF
I have been creating network and computer security ‘Capture the Flag’, or ‘CTF’, challenges for a number of years now. My latest job had me doing this full-time for events that would attract several thousand players. During this time my … Continue reading
Windows XP Restore Points
I know XP is going the way of the Dodo, which is why I wanted to write this post. As blogs and posts update and keep up with the latest versions of Windows I find it harder and harder to … Continue reading
Incident Response Process
Today I am going to discuss the basics of an Incident Response process. I did not create this, I would love to give credit to those who did! There are other variations out there, however they all follow the basic … Continue reading
Posted in Incident Response, Introduction
Tagged basics, hats off security, Incident Reponse
Leave a comment
Hats Off Security Blog
Welcome to what I hope to be a technical and useful blog, I do tend to go off on tangents quite often, for example my spell checker doesn’t recognise ‘blog’ as a word….. ah well. This blog will be more … Continue reading