December 20, 2020
Threat Hunting via Windows Event Logs with DeepBlueCLI
In this blog post, I will use the PowerShell module DeepBlueCLI to quickly discover suspicious account and command-line behavior by parsing some of the sample evtx files from the DeepBlueCLI GitHub page.