Category Archives: Incident Handler

Bypassing AV (Windows Defender) … Cat vs. Mouse

In the last post (https://www.cyberguider.com/bypassing-windows-defender-the-tedious-way/) we found that Windows Defender uses a blacklist to stop known hacking tools such as Mimikatz. We were able to easily bypass the restriction with some word replacements, but it took time and trial and error. In this post we are going to make that process much easier. As with […]


Bypassing AV (Windows Defender) … the tedious way.

I was on a penetration test when I was able to acquire a set of admin credentials. This wasn’t a red team engagement, so there were no issues lighting up their AV with some of our tools, but I always try to stay as silent as possible until close to the end of the assessment. […]


You’re too easy…

The average computer user does not think much about the amount of information he or she shares with others whether in-person, online or at random venues. They just want to be seen and heard because that is how the world works now. If you are not connected to a social media entity, you, my friend, […]


Your PORN DOES NOT IMPRESS US!!

Oftentimes, as information technology (IT) security professionals (a.k.a. Security Pros), we meet others who are interested in what we do for a living. The transfer of knowledge serves as a good way to promote IT security and often kick-starts an impromptu IT security awareness discussion. However, this brings more than its average share of […]
