top of page

Please access this website using a laptop / desktop or tablet for the best experience

Log Analysis and Tracking Lateral Movement in Using Event IDs

Pages Count

8 Pages

Links for the courses

For Understanding Lateral Movement Checkout below link

Understanding Lateral Movement in Cybersecurity

--------------------------------------------------------------------------------------------------------------------------

Article Name	Link
Log Analysis – It’s Not About Knowing, It’s About Correlating	Click Me
Tracking Kerberos & NTLM Authentication Failures and Investigation	Click Me
Understanding Where Windows Authentication Logs Actually Live — From AD to Entra ID	Click Me
Event Log Clearing and Malware Execution: Evidence from Windows Logs	Click Me
PowerShell Logging: Making the Invisible Visible	Click Me
Tracking Lateral Movement — Named Pipes, Scheduler, Services, Registry, and DCOM (Event IDs)	Click Me
Tracking Lateral Movement: PowerShell Remoting, WMIC, Explicit Credentials, NTLM Relay Attacks, Credential Theft and Reuse (Event IDs)	Click Me

Your Instructor

Dean

Dean

bottom of page