
Marcus Edmondson | Threat Hunting | Information Security

A blog about threat hunting and information security.


Month: February 2018

Elasticsearch Stack Install Part 2 Kibana

So we will be picking up where we left off. We have already installed Elasticsearch, so if you have not completed that step yet, Part 1 is here. On with Kibana. Step 1, install Kibana: sudo apt-get update && sudo apt-get install kibana. Next we will bind the server to localhost like we did with Elasticsearch. […]


Elasticsearch Stack Install Part 1 Elasticsearch

In this blog post I am going to start a series of posts on installing the Elasticsearch stack, then using Winlogbeat to forward Windows event logs and Filebeat to forward Bro logs, and finally building out some useful visualizations and dashboards. I will be installing the Elasticsearch stack on […]


Using PowerShell and Python to Analyze Amcache

I wanted to write this post on using PowerShell and Python, specifically PowerForensics and the pandas library, to remotely copy the Amcache.hve file from multiple computers, parse all of the Amcache files with amcacheparser.exe, and then load them into a pandas DataFrame for analysis. What you will need to accomplish this, […]
