-
Recent Posts
- Talking about RFC 9424 – Indicators of Compromise (IoCs) and Their Role in Attack Defence
- PowerShell Basic Introduction (Security Version)
- Improving Technical Interviews
- AnyDesk Forensic Analysis and Artefacts
- Log4J/Log4Shell Video Glossary
- HatsOffSecurity on YouTube
- How to Create a Good Security CTF
- NoScript Plugin Forensic Investigation – Firefox/ToR Browser
- Keybase.io Forensics Investigation
- When is Index.dat not Evidence of Browsing
Categories
- anydesk
- Attack
- Browser Forensics
- Brute force
- Chrome
- Competition
- Competitions
- Containment
- Content Delivery Manager
- Cookies
- Cryptography
- CTF
- Cyber
- Cyber Security Challenge
- Decoding Time
- Encrypted Traffic
- Firefox
- Forensic Readiness Plan
- General
- Google Analytics
- Google Chrome
- Google Rapid Response
- Group Policy
- GRR
- Hardening
- Heartbleed
- Identification
- Incident Response
- Internet Explorer
- Interviews
- Introduction
- IoCs
- Jump Lists
- Keybase
- Link FIles
- Linux Forensics
- Memory Forensics
- Microsoft Edge
- My Two Cents
- Network Analytics
- Network Forensics
- pass the hash
- PCAP Analysis
- Pen Testing
- PowerShell
- Preparation
- Protocol
- ReadyBoost
- Research
- Safari
- SANS
- Shared Folders
- Shellshock
- SMB
- SSH
- TOR
- Uncategorized
- USB Forensics
- Windows Forensics
- Windows Registry Forensics
- Windows Registry Forensics
- Windows Spotlight
- Windows XP
- Wireshark
CyberLinks
- Follow Hats Off Security on WordPress.com
Tag Archives: basics
Types of Threat – Explained
From a high level what are the types or categories of threats faced by the Security professional? Let’s go over some basics. Internal Authorised Internal Unauthorised Internal to External External to Internal External to External (new) The first 4 are … Continue reading
Pass-the-hash Mitigation – Tip of the Day
I have been recently researching Pass the Hash mitigation techniques and I have found that there are the usual comments about not logging on to workstations with Admin accounts, ensuring your local admin accounts don’t have the same password, ensuring … Continue reading
Windows XP Restore Points
I know XP is going the way of the Dodo, which is why I wanted to write this post. As blogs and posts update and keep up with the latest versions of Windows I find it harder and harder to … Continue reading
Link Files
Link (lnk) files are a valuable source of information in a forensic investigation and should not be casually overlooked. What are Link files? Link files are created by the system when a file is opened, even if that file is … Continue reading
Posted in Link FIles, Windows Forensics
Tagged artefact locations, basics, hats off security, link files, windows 7, Windows8
Leave a comment
Incident Response Process Phase 3 – Containment
First Steps When moving into the containment phase an incident has already been declared. It is now time to categorise the incident and relay this to the customer/management. The categorisation or characterisation of the incident can be broken down into … Continue reading
Posted in Containment, Incident Response
Tagged basics, containment, hats off security, Incident Reponse
Leave a comment
Incident Response Process
Today I am going to discuss the basics of an Incident Response process. I did not create this, I would love to give credit to those who did! There are other variations out there, however they all follow the basic … Continue reading
Posted in Incident Response, Introduction
Tagged basics, hats off security, Incident Reponse
Leave a comment
Chrome – Basics
Google Chrome, or just Chrome, is (at the time of writing) the most popular web browser by a fair amount. Twice as popular as Mozilla’s Firefox. Chrome stores its artefacts in SQLite, JSON (JavaScript Object Notation) and SNSS (Session Saver) … Continue reading
Internet Explorer – Basics
As IE comes bundled with Windows as standard it is often the browser (of choice?) used by a lot of organisations. Larger organisations are also often slower to update IE, in my experience, as they have integrated business critical applications … Continue reading