Log4Shell Enumeration, Mitigation and Attack Detection Tool
Start with confirming that an incident took place. My five-minute understanding of Datto's ComStore log4shell tool is that it does two things:
Signature base for my scanner tools
Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
1 project | reddit.com/r/AskNetsec | 4 Mar 2022
Yara rule to detect ProxyToken exploitation
1 project | reddit.com/r/blueteamsec | 30 Aug 2021
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly released Yara rules
2 projects | reddit.com/r/blueteamsec | 30 May 2021
At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
1 project | reddit.com/r/cybersecurity | 5 Mar 2021
Cybersecurity professionals - what’s your “toolkit”/process to check a desktop PC is clean (or infected), before concluding that a reinstall of the OS is needed?
1 project | reddit.com/r/cybersecurity | 10 Nov 2021