nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq79cztqkafgg8d90m38t8we0kfy3pusz7y83w5p2h5jcyt83asfkqrqlhf7 (nprofile…lhf7) That sounds like a pretty solid setup. I'd only add that for me, EDRs prove their mettle against things that don't match easy signatures in ART. A lot of those scripts use known malware samples. But it's a good baseline.
I do like to kick off a Sliver session with a few evasion tricks and see how long it takes for an alert to pop when I'm running with reasonable OPSEC. I get that takes time.
Taggart :donor: /
npub18w…6q6gg
2024-11-26 06:19:56
in reply to nevent1q…cuwu
Author Public Key
npub18wjp9tztznztxlxka5ttn5nz448la7c9ckmvdvlptcupgud3ygdqj6q6ggPublished at
2024-11-26 06:19:56Event JSON
{
"id": "e20d988716f971f85ae204606b00d07bf92af1239034b942eb22af8e13ad0068",
"pubkey": "3ba412ac4b14c4b37cd6ed16b9d262ad4ffefb05c5b6c6b3e15e381471b1221a",
"created_at": 1732601996,
"kind": 1,
"tags": [
[
"p",
"f1702582dd4a107695fb89d67765f649221e405e21e2ea0557a4b0459e3d826c",
"wss://relay.mostr.pub"
],
[
"p",
"1f963342f94451a437ab0b2a24811501b1091d6302e1008f9921704c70fa88b5",
"wss://relay.mostr.pub"
],
[
"e",
"b9a4707cf51d997d24e1ff8c69f1094b74a1260fb165d0673b545957aee419f5",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://infosec.exchange/users/mttaggart/statuses/113547804420785759",
"activitypub"
]
],
"content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq79cztqkafgg8d90m38t8we0kfy3pusz7y83w5p2h5jcyt83asfkqrqlhf7 That sounds like a pretty solid setup. I'd only add that for me, EDRs prove their mettle against things that don't match easy signatures in ART. A lot of those scripts use known malware samples. But it's a good baseline.\n\nI do like to kick off a Sliver session with a few evasion tricks and see how long it takes for an alert to pop when I'm running with reasonable OPSEC. I get that takes time.",
"sig": "7e70274e20c187451c610ca7b23c3f9356d16a8e4f105bce77cb4fdaf295a034ca8751de2a72c833c44f6dfe0f8ef5fd1c7328e0c59f1fbef711fbc67fd999b7"
}