Fixing custom sysmon-modular rules with invalid XML
I’m a big proponent of Sysinternals Sysmon for shops that aren’t running a commercial endpoint detection and response (EDR) tool, like VMware’s Carbon Black or CrowdStrike’s Falcon. Sysmon is the
Windows Notepad is a lonely tool. It barely does the job in a pinch, with only the most basic functions you’d expect in a text editor. Older versions drove non-Windows