2018-07-02 14:14:31 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks I'm going to try to detect DCE/RPC by identifying those values |
2018-07-02 10:04:43 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks I'll try to explore this way to see if I'm able to follow the TCP stream from the creation of the context to the |
2018-07-02 09:06:43 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks I'll try to explore this way to see if I'm able to follow the TCP stream from the creation of the context to the |
2018-07-02 09:06:21 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks I'll try to explore this way to see if I'm able to follow the TCP stream from the creation of the context to the |
2018-06-29 14:02:05 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Here is an archive with 2 different packet capture file. https://nofile.io/f/1P4DNYj2qOS/capture.zip |
2018-06-29 14:01:15 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Here is an archive with 2 differents packet capture file. https://nofile.io/f/1P4DNYj2qOS/capture.zip |
2018-06-29 12:47:21 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Yes I did. But I can only get the DRSUAPI-REPLICA-ADD with encrypted stub data. The problem is if I change datas within |
2018-06-29 12:37:37 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Yes I did. But I can only get the DRSUAPI-REPLICA-ADD with encrypted stub data. The problem is if I change datas within |
2018-06-29 12:35:34 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Yes I did. But I can only get the DRSUAPI-REPLICA-ADD with encrypted stub data. The problem is if I change datas within |
2018-06-29 12:12:05 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Yes I did. But I can only get the DRSUAPI-REPLICA-ADD with encrypted stub data. The problem is if I change datas within |
2018-06-29 12:10:59 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Yes I did. But I can only get the DRSUAPI_REPLICA_ADD with encrypted stub data. The problem is if I change datas within |
2018-06-29 10:11:33 +0000 | commented answer | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks but it just allow to filter the "DRSUAPI-REPLICA-ADD" in wireshark. The purpose is to extract a generic hexadecim |
2018-06-29 10:11:13 +0000 | received badge | ● Rapid Responder (source) |
2018-06-29 10:11:13 +0000 | answered a question | How to flag DRSUAPI_REPLICA_ADD signature ? Thanks but it just allow to filter the "DRSUAPI-REPLICA-ADD" in wireshark. The purpose is to extract a generic hexadecim |
2018-06-28 15:46:46 +0000 | received badge | ● Editor (source) |
2018-06-28 15:46:46 +0000 | edited question | How to flag DRSUAPI_REPLICA_ADD signature ? How to flag DRSUAPI_REPLICA_ADD signature ? Hi, I'm currently working on a way to identify and block DC Shadow attack w |
2018-06-28 15:46:07 +0000 | asked a question | How to flag DRSUAPI_REPLICA_ADD signature ? How to flag DRSUAPI_REPLICA_ADD signature ? Hi, I'm currently working on a way to identify and block DC Shadow attack w |