cybersecurity-triage

Here are 2 public repositories matching this topic...

Compcode1 / lolbin-triage

This repository documents real-world forensic triage cases involving the abuse of legitimate Windows binaries—also known as LOLBins—for malicious purposes.

lolbins windows-forensics ioc-analysis incident-reponse cybersecurity-triage

Updated May 7, 2025
Jupyter Notebook

Compcode1 / ioc3-obfuscated-script-mshta

Star

This case study analyzed a stealthy host-based compromise in which the attacker exploited the trusted Windows binary mshta.exe to execute a remotely hosted, obfuscated JavaScript payload. The attacker’s strategy was notable not for brute force or privilege escalation, but for quiet persistence and clever abuse of native system behavior.

ioc-analysis cybersecurity-triage windows-edr obfuscated-script mshta-exploitation

Updated May 10, 2025
Jupyter Notebook

Improve this page

Add a description, image, and links to the cybersecurity-triage topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the cybersecurity-triage topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly