<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="shortcut icon" href="/static/img/favicon.ico" />
<title>Matthew Green</title>
<meta name="author" content="Matthew Green" />
<meta name="description" content="A blog for DFIR thoughts, research and for my future reference" />
<meta name="keywords" content="Matt's DFIR Blog, posts" />
<link rel="alternate" type="application/rss+xml" title="RSS" href="/feed.xml">
<meta content="" property="fb:app_id">
<meta content="Matt's DFIR Blog" property="og:site_name">
<meta content="Matt's DFIR Blog" property="og:title">
<meta content="website" property="og:type">
<meta content="A blog for DFIR thoughts, research and for my future reference" property="og:description">
<meta content="http://0.0.0.0:4000/" property="og:url">
<meta content="http://0.0.0.0:4000/static/img/avatar.jpg" property="og:image">
<meta name="twitter:card" content="summary">
<meta name="twitter:site" content="@mgreen27">
<meta name="twitter:creator" content="@mgreen27">
<meta name="twitter:title" content="Matt's DFIR Blog">
<meta name="twitter:url" content="http://0.0.0.0:4000/">
<meta name="twitter:description" content="A blog for DFIR thoughts, research and for my future reference">
<!-- Font awesome icons -->
<link href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css" rel="stylesheet" integrity="sha384-T8Gy5hrqNKT+hzMclPo118YTQO6cYprQmhrYwIiQ/3axmI1hQomh7Ud2hPOy8SP1" crossorigin="anonymous">
<!-- syntax highlighting CSS -->
<link rel="stylesheet" href="/static/css/syntax.css">
<!-- Bootstrap core CSS -->
<link href="/static/css/bootstrap.min.css" rel="stylesheet">
<!-- Fonts -->
<link href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,latin-ext" rel="stylesheet" type="text/css">
<!-- Custom CSS -->
<link rel="stylesheet" href="/static/css/super-search.css">
<link rel="stylesheet" href="/static/css/thickbox.css">
<link rel="stylesheet" href="/static/css/projects.css">
<link rel="stylesheet" href="/static/css/main.css">
</head>
<body>
<div class="container">
<div class="col-sm-3">
<div class="fixed-condition">
<a href="/"><img class="profile-avatar" src="/static/img/avatar.jpg" height="75px" width="75px" /></a>
<h1 class="author-name">Matthew Green</h1>
<div class="profile-about">
I am a DFIR and detection guy from Sydney Australia.
</div>
<div class="social">
<ul>
<li><a href="https://www.twitter.com/mgreen27" target="_blank"><i class="fa fa-twitter"></i></a></li>
<li><a href="https://www.linkedin.com/in/mgreen27/" target="_blank"><i class="fa fa-linkedin"></i></a></li>
<li><a href="https://github.com/mgreen27" target="_blank"><i class="fa fa-github"></i></a></li>
</ul>
</div>
<div class="search" id="js-search">
<input type="text" placeholder="(sitemap)~$ type to search" class="search__input form-control" id="js-search__input">
<ul class="search__results" id="js-search__results"></ul>
</div>
<hr />
<ul class="sidebar-nav">
<strong>Navigation</strong>
<li><a href="/">Home</a></li>
<li><a class="about" href="/about/">About Me</a></li>
<li><a class="about" href="/projects/">Talks / Projects</a></li>
<li><a class="about" href="/feed.xml">XML Feed</a></li>
</ul>
</div>
<!-- end /.fixed-condition -->
</div>
<div class="col-sm-8 col-offset-1 main-layout">
<div id="home">
<h1>Matt's DFIR Blog</h1>
<hr />
<ol class="posts">
<li><a href="/posts/2022/01/12/wmi-eventing.html">WMI Event Consumers: what are you missing?</a> » <i><span>12 Jan 2022</span></i></li>
<li><a href="/posts/2021/11/09/VQL.html">Cobalt Strike Payload Discovery And Data Manipulation In VQL</a> » <i><span>09 Nov 2021</span></i></li>
<li><a href="/posts/2020/07/23/IPSEC.html">Windows IPSEC for endpoint quarantine</a> » <i><span>23 Jul 2020</span></i></li>
<li><a href="/posts/2019/12/08/LocalLRwithVRaptor.html">Local Live Response with Velociraptor ++</a> » <i><span>08 Dec 2019</span></i></li>
<li><a href="/posts/2019/11/10/LRwithVRaptor.html">Live response automation with Velociraptor</a> » <i><span>10 Nov 2019</span></i></li>
<li><a href="/posts/2019/06/09/O365HiddenRules.html">O365: Hidden InboxRules</a> » <i><span>09 Jun 2019</span></i></li>
<li><a href="/posts/2019/05/29/BinaryRename2.html">Binary Rename 2</a> » <i><span>29 May 2019</span></i></li>
<li><a href="/posts/2019/05/12/BinaryRename.html">Blue Team Hacks - Binary Rename</a> » <i><span>12 May 2019</span></i></li>
<li><a href="/posts/2019/04/07/ILRScriptBuilder.html">Live Response Script Builder</a> » <i><span>07 Apr 2019</span></i></li>
<li><a href="/posts/2018/04/02/DownloadCradle.html">Powershell Download Cradles</a> » <i><span>02 Apr 2018</span></i></li>
<li><a href="/posts/2018/02/18/Sharing_my_BITS.html">Sharing my BITS</a> » <i><span>18 Feb 2018</span></i></li>
<li><a href="/posts/2018/01/14/Invoke-LiveResponse.html">Invoke-LiveResponse</a> » <i><span>14 Jan 2018</span></i></li>
<li><a href="/posts/2017/04/03/Blue_Team_Hacks-WMI_Eventing.html">Blue Team Hacks - WMI Eventing</a> » <i><span>03 Apr 2017</span></i></li>
<li><a href="/posts/2017/01/12/PowerShell_Remoting_IR.html">PowerShell Remoting and Incident Response</a> » <i><span>12 Jan 2017</span></i></li>
</ol>
<!-- Pagination links -->
</div><!-- end #home -->
<footer>
© Matthew Green
- <a href="https://github.com/mgreen27">https://github.com/mgreen27</a> - Powered by Jekyll.
</footer>
</div>
<!-- end /.col-sm-8 -->
</div>
<!-- end /.container -->
<!-- Bootstrap core JavaScript -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<script src="//code.jquery.com/jquery-migrate-1.2.1.min.js"></script>
<script src="/static/js/bootstrap.min.js"></script>
<script src="/static/js/super-search.js"></script>
<script src="/static/js/thickbox-compressed.js"></script>
<script src="/static/js/projects.js"></script>
</body>
</html>