Jonathan Johnson
Refining Detection: New Perspectives on ETW Patching Telemetry
Introduction
Jun 12

Jonathan Johnson
What the Fork: Exploring Telemetry Gaps in Microsoft’s 4688 Event
Originally posted: What the Fork: Exploring Telemetry Gaps in Microsoft’s 4688 Event | Prelude (preludesecurity.com) but authored by me.
Apr 4

Jonathan Johnson
Event Tracing for Windows (ETW): Your Friendly Neighborhood IPC Mechanism
Originally posted: Event Tracing for Windows (ETW): Your Friendly Neighborhood IPC Mechanism | Prelude (preludesecurity.com) but authored…
Apr 4

Jonathan Johnson
Uncovering Adversarial LDAP Tradecraft
A Write-Up by TrustedSec’s Research Lead Carlos Perez and Binary Defense’s Research Lead Jonathan Johnson. Originally posted on the Binary…
Dec 18, 2023

Jonathan Johnson
Mastering Windows Access Control: Understanding SeDebugPrivilege
Originally posted on the Binary Defense page, but was authored by me.
Dec 18, 2023

Jonathan Johnson
The Client/Server Relationship — A Match Made In Heaven
This blog is written by Jonny Johnson, Senior Researcher of Adversarial Techniques and Capabilities at Binary Defense, and co-authored…
Oct 11, 2023

Jonathan Johnson
Demystifying DLL Hijacking: Understanding the Intricate World of Dynamic Link Library Attacks
This blog was originally written by me and posted by BinaryDefense.
Oct 11, 2023

Jonathan Johnson
ThreadSleeper: Suspending Threads via GMER64 Driver
Originally posted: https://www.binarydefense.com/resources/blog/threadsleeper-suspending-threads-via-gmer64-driver/
Jul 21, 2023