| 2018-03-27 | Signature Based Detection of User Events for PostMortem Forensic Analysis | tolive | 1772 | |
| 2018-03-26 | basics-of-tracking-wmi-activity | tolive | 2268 | |
| 2018-03-26 | following the trace of WMI Backdoors & other nastiness | tolive | 2739 | |
| 2018-03-26 | uefi-ninja | tolive | 2535 | |
| 2018-03-23 | unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-ira | tolive | 2009 | |
| 2018-03-23 | How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped | tolive | 2985 | |
| 2018-03-09 | digital-forensics-artifacts-of-interactive-sessions | tolive | 2512 | |
| 2018-03-05 | how-to-learn-powershell(内有部分资源列表) | tolive | 1932 | |
| 2018-03-05 | finding-evil-whitelist | tolive | 1681 | |
| 2018-03-02 | how-to-clear-rdp-connections-history | tolive | 2573 | |
| 2018-03-01 | antivirus_-understanding-evading | tolive | 1796 | |
| 2018-03-01 | evading-autoruns | tolive | 2218 | |
| 2018-02-13 | vshadow-abusing-the-volume-shadow-service-for-evasion-persistence-and-active-dir | tolive | 2766 | |
