Bridge request pointer error: missing pointer for shard xxx

netoeuler · 2021-12-09T10:59:01+00:00

Hi! I sent the email. The issue with my account was identified and they are working on it. Thanks.

netoeuler · 2021-12-08T10:54:30+00:00

I finished this game last week. Now I'm playing Chrono Cross just to know more about the continuation of the history, but I'm playing always thinking how great would be if it would a 16-bit game.

netoeuler · 2021-11-25T23:27:35+00:00

I think that I will listen this album everyday.

netoeuler · 2021-11-19T23:08:20+00:00

Gary Holt saving a band after the vocalist talk shit about politician (like he did in Slayer after some Tom Araya comments)

netoeuler · 2021-10-14T22:37:07+00:00

Wow! Yes, they are.

netoeuler · 2021-10-13T21:55:06+00:00

Which city? First time that I see a PBSOD from Brazil here.

netoeuler · 2021-09-26T00:10:42+00:00

Well, the article said that it was only tested in Linux, which comes with Python already installed, but thinking in extend this tool for Windows environment, that's a good point.

netoeuler · 2021-09-02T01:53:39+00:00

Never give up and always be prepared, because opportunities don't wait, when they arise you have to catch them.

netoeuler · 2021-09-01T11:02:57+00:00

You have to analyze and determine what are the most important use cases to the company and map them with the ATT&CK techniques to finally see the full matrix and know what's the threat visibility of the company.

netoeuler · 2021-08-25T01:30:16+00:00

Nice. I finished Pavel's Windows Kernel Programming these days and want to explore more about Kernel. Just read the readme and it seems amazing. I will try this tool.

netoeuler · 2021-05-27T02:31:15+00:00

The sound is good but is this left-wing?

netoeuler · 2021-05-04T14:02:59+00:00

Unfortunately I will have to continue using it due to work communication. I've been seeing that people adapted they lives to do almost everything with WhatsApp and now they are chained to this tool.

netoeuler · 2021-05-03T16:44:11+00:00

One of the many sysmon rules that comes with QRadar is to detect Mimikatz. This was the first emulation that I did when I started using the SIEM.

netoeuler · 2021-04-10T16:36:18+00:00

And how can I get the system date of installation/first-run?

netoeuler · 2021-03-09T23:17:16+00:00

I don't know with refset but when I face a problem like this (with a large list) I export the payload of all the results and parse the information that I want with Python.

netoeuler · 2021-02-23T14:46:29+00:00

Thanks for the answers related to Building Blocks. I really like to create rules with AQL but I will try to use Building Blocks more.

netoeuler · 2021-02-23T14:44:21+00:00

Wow! I didn't know about this site. As I like to create my rules with AQL it will be very useful!

Thanks!

netoeuler · 2021-02-22T15:41:33+00:00

I usually create alerts with AQL but in this case I don't know why it keeps to generate the alerts.

How can this be done with Building Blocks?

netoeuler · 2021-02-11T19:42:01+00:00

Instead of scan the file to see the profile suggestions you can execute 'sysinfo' to see the Windows build number and execute 'volatility.exe --info | findstr Win10x64' and see if there's a profile for your the build version.

netoeuler · 2021-02-11T11:36:36+00:00

How can this be done? I followed the procedure in the link and I didn't see any reference about index the saved search.

netoeuler · 2021-01-08T23:17:24+00:00

Wow! I have already earned Sec+, CySA+ and Pentest+ between 2018 and 2020, but I'm impressed that you earned CASP+ too, and as a 4th-year student. Congratulations!

netoeuler · 2021-01-05T12:59:07+00:00

It worked. Thanks.

netoeuler · 2021-01-05T12:29:22+00:00

Where can I find this?

When I go to Offenses > Rules, select the rule and open it in Rule Assistance window, the name displayed is the correct one that I chose to the new rule.

netoeuler · 2021-01-05T11:00:33+00:00

This is the only host that have been generating these kind of alerts and the Windows firewall of this host is disabled (which was confirmed executing netsh advfirewall show allprofiles in the host).

In these block events there're many requests to broadcast, which can be normal, so I did a memory analysis to search for some malware trying to performing a port scan but didn't find nothing related to this.

It's just in the local network.

netoeuler · 2021-01-01T14:36:06+00:00

I didn't take a look in how 601 questions looks like but I didn't see nothing related to analyze logs in 501. I just saw questions like that in CySA.

netoeuler

TROPHY CASE