Tags

2019

2020

2024

ADVERSARIAL BEHAVIOR SIMULATION

Purple Sharp | 17 Sep 2021

APT3

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019
APT3 공격 분석과 CHEIRON를 이용한 공격 시뮬레이션 | 15 Jul 2019
APT3 operation analysis and attack simulation using CHEIRON (English) | 15 Jul 2019
APT 시뮬레이터와 CHEIRON 소개 | 15 Jul 2019
Introduction to CHEIRON, The Adversarial Behavior Simulator (English) | 15 Jul 2019

ARES

Threat Hunting T1140 | 07 Sep 2020

ATT&CK Enterprise evaluation

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

ATTACK SIMULATION

Detection engineering at Somma | 24 Apr 2022
Purple Sharp | 17 Sep 2021

Adversarial Behavior Simulation

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019
APT3 operation analysis and attack simulation using CHEIRON (English) | 15 Jul 2019
APT 시뮬레이터와 CHEIRON 소개 | 15 Jul 2019
Introduction to CHEIRON, The Adversarial Behavior Simulator (English) | 15 Jul 2019

Alien Vault

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

Analysis

Trickbot Research | 17 Sep 2021

BAS

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019
APT3 operation analysis and attack simulation using CHEIRON (English) | 15 Jul 2019
APT 시뮬레이터와 CHEIRON 소개 | 15 Jul 2019
Introduction to CHEIRON, The Adversarial Behavior Simulator (English) | 15 Jul 2019

Banking Trojan

Trickbot Research | 17 Sep 2021

Breach Attack Simulation

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019
APT3 operation analysis and attack simulation using CHEIRON (English) | 15 Jul 2019
APT 시뮬레이터와 CHEIRON 소개 | 15 Jul 2019
Introduction to CHEIRON, The Adversarial Behavior Simulator (English) | 15 Jul 2019

C-TAS

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

CHEIRON

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019
APT3 공격 분석과 CHEIRON를 이용한 공격 시뮬레이션 | 15 Jul 2019
APT3 operation analysis and attack simulation using CHEIRON (English) | 15 Jul 2019
APT 시뮬레이터와 CHEIRON 소개 | 15 Jul 2019
Introduction to CHEIRON, The Adversarial Behavior Simulator (English) | 15 Jul 2019

CVE-2024-20656

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

Cheiron

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

Cyber threat

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

DBGHLP

WinDBG 에서 Symbol Enumeration 안되는 문제 해결하기 | 09 May 2020

DEV-TIPS

WinDBG 에서 Symbol Enumeration 안되는 문제 해결하기 | 09 May 2020

DTE

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

Detection engineering

Detection engineering at Somma | 24 Apr 2022

ELK

Monster Agent: ELK Integration (English) | 18 Dec 2017

Elastic Search

Monster Agent: ELK Integration (English) | 18 Dec 2017

End Point

Monster Agent: ELK Integration (English) | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters (English) | 17 Dec 2017
WinDBG 에서 Symbol Enumeration 안되는 문제 해결하기 | 09 May 2020

Kibana

Monster Agent: ELK Integration (English) | 18 Dec 2017

MISP

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

MITRE ATT&CK

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

MITRE Engenuity

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

MONSTER

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

MitreEvaluations

Hello 2024, Renewal 쏘마! | 24 Jan 2024

Monster Agent

Monster Agent: ELK Integration (English) | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters (English) | 17 Dec 2017

Monster Threat Hunting Platform

Threat Hunting T1140 | 07 Sep 2020

OTX

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

PURPLE SHARP

Purple Sharp | 17 Sep 2021

Persistence

UAC 우회 및 권한 상승 기법 | 22 May 2020

Privilege Escalation

UAC 우회 및 권한 상승 기법 | 22 May 2020

SDO

STIX 2.0 | 10 Apr 2020

SOMMA

Hello 2024, Renewal 쏘마! | 24 Jan 2024
2019년을 정리하며... | 08 Jan 2020

SRO

STIX 2.0 | 10 Apr 2020

STIX

STIX 2.0 | 10 Apr 2020
위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

STIX Pattern

STIX 2.0 | 10 Apr 2020

SYMBOL

WinDBG 에서 Symbol Enumeration 안되는 문제 해결하기 | 09 May 2020

Sandworm

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

Scenario

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

Security

Hello 2024, Renewal 쏘마! | 24 Jan 2024

T1088

UAC 우회 및 권한 상승 기법 | 22 May 2020

T1127.001

Detection engineering at Somma | 24 Apr 2022

T1183

UAC 우회 및 권한 상승 기법 | 22 May 2020

T1191

UAC 우회 및 권한 상승 기법 | 22 May 2020

T1546.003

Detection engineering at Somma | 24 Apr 2022

TAXII

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

TIP

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

Threat

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

Threat Hunting

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022
Monster Agent: ELK Integration (English) | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters (English) | 17 Dec 2017

Threat Intelligence Platform

위협 인텔리전스 플랫폼 소개 | 10 Apr 2020

Threat emulation

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

Trickbot

Trickbot Research | 17 Sep 2021

UAC bypass

UAC 우회 및 권한 상승 기법 | 22 May 2020

Vagrant

Vagrant 소개 | 28 Apr 2020

Visual Studio

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

WINDBG

WinDBG 에서 Symbol Enumeration 안되는 문제 해결하기 | 09 May 2020

WMI

Detection engineering at Somma | 24 Apr 2022
WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019

WMI PERMANENT SUBSCRIPTION

Detection engineering at Somma | 24 Apr 2022

Windows Management Instrumentation

WMI(Windows Management Instrumentation) & WMI Attacks | 30 Aug 2019

Wizard spider

MITRE Engenuity ATT&CK® Enterprise 평가 결과 안내 | 05 Apr 2022
Announcement of SOMMA for MITRE Engenuity ATT&CK® Enterprise Evaluations result | 05 Apr 2022

event collect

Monster Agent: ELK Integration | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters | 17 Dec 2017

reddotaward

Hello 2024, Renewal 쏘마! | 24 Jan 2024

suo

Visual Studio Under Attack: Uncovering and Exploiting Vulnerabilities | 08 Mar 2024

threat hunting

Monster Agent: ELK Integration | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters | 17 Dec 2017

threathunting

Hello 2024, Renewal 쏘마! | 24 Jan 2024

windows

Monster Agent: ELK Integration | 18 Dec 2017
Monster Agent: Collects Events for Threat Hunters | 17 Dec 2017

갑진년

Hello 2024, Renewal 쏘마! | 24 Jan 2024

경자년

2019년을 정리하며... | 08 Jan 2020

리뉴얼

Hello 2024, Renewal 쏘마! | 24 Jan 2024

새해맞이

Hello 2024, Renewal 쏘마! | 24 Jan 2024
2019년을 정리하며... | 08 Jan 2020

소회

2019년을 정리하며... | 08 Jan 2020

쏘마

Hello 2024, Renewal 쏘마! | 24 Jan 2024

쏘마브랜딩

Hello 2024, Renewal 쏘마! | 24 Jan 2024

회고

Hello 2024, Renewal 쏘마! | 24 Jan 2024
2019년을 정리하며... | 08 Jan 2020