The ForEach enumerator and ForEach-Object can be confusing at times. In this blog post I will highlight some differences between the two.
Introduction to Sysmon
I decided to write this article about Sysmon after struggling to find any basic Sysmon 101 article. Although there are plenty of articles explaining how to install Sysmon, I never found a good article on how Sysmon rules work together. After some trial and error, I was finally able to figure it out.
This blog post is about the LLMNR attack. The LLMNR attack is commonly used by penetration testers during an engagement to get their hands on an NTLMv2 hash. The captured hash is either used to obtain the original password or used in a pass-the-hash attack.