ACE Responder

@ACEResponder

Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.

Joined August 2022

226Following

16KFollowers

Pinned

ACE Responder@ACEResponder · Jan 16

🚀 Take your skills to the next level with our first professional certification: Certified Enterprise Defensive Analyst (CEDA)! aceresponder.com/eda Perfect for junior to intermediate defenders looking to go beyond alerts. 💻 What you'll learn: • Dive deep into Linux,…

10.0K

ACE Responder@ACEResponder · Jul 24

✅The UAC Bypasses module is now available in the instant SIEM! Practice investigating a diverse set of UAC bypasses with Kusto Query Language (KQL)! #ThreatHunting #DFIR aceresponder.com/learn/uac-bypa…

ACEResponder's tweet card. ##### Prerequisites: * [OpenSearch Tutorial](/learn/opensearch-tutorial) * [Windows Logons](/learn/opensearch-tutorial) Welcome to this module on UAC Bypasses. User Account Control (UAC) is a...

3.0K

ACE Responder@ACEResponder · Jul 22

How Component Object Model (COM) works. #ThreatHunting #DFIR #Windows #Microsoft

281

198

18.0K

ACE Responder@ACEResponder · Jul 21

New blog 💉Prompt Injection: How You Will Be Hacked In this blog I demonstrate a prompt injection attack against Anthropic's Claude using a poisioned log entry. I also discuss ways to mitigate attacks against defensive AI agents. #ThreatHunting #DFIR aceresponder.com/blog/prompt-in…

ACEResponder's tweet image. New blog 💉Prompt Injection: How You Will Be Hacked

In this blog I demonstrate a prompt injection attack against Anthropic's Claude using a poisioned log entry.

I also discuss ways to mitigate attacks against defensive AI agents.

#ThreatHunting #DFIR

aceresponder.com/blog/prompt-in…

2.0K

ACE Responder@ACEResponder · Jul 19

💥The first ever Agentic AI defensive cyber challenge is now available on ACEResponder.com: Kerberoast Prompt an AI agent to identify stealth kerberosting. #ThreatHunting #DFIR

ACEResponder's tweet image. 💥The first ever Agentic AI defensive cyber challenge is now available on ACEResponder.com: Kerberoast

Prompt an AI agent to identify stealth kerberosting.

#ThreatHunting #DFIR

3.0K

ACE Responder@ACEResponder · Jul 17

Agentic AI for SOC analysts. #ThreatHunting #DFIR

132

5.0K

ACE Responder@ACEResponder · Jul 15

How kerberoasting works 🎫

205

140

10.0K

ACE Responder@ACEResponder · Jul 12

How cross-trust Kerberos authentication works #ThreatHunting #DFIR

171

5.0K

ACE Responder@ACEResponder · Jul 9

⚡️The Volt Typhoon challenge is now available in the new instant Kusto-based SIEM! Take on an advanced persistent threat that targets critical infrastructure. aceresponder.com/challenge/volt…

ACEResponder's tweet card. Welcome to the Volt Typhoon challenge! In this challenge, you will encounter a simulated incident that draws inspiration from the Volt Typhoon's infamous tactics. As a member of the incident response...

2.0K

ACE Responder@ACEResponder · Jul 5

How DCOM lateral movement works. #ThreatHunting #DFIR

336

231

14.0K

ACE Responder@ACEResponder · Jul 2

How SMTP smuggling works ✉️ #ThreatHunting #DFIR

2.0K

ACE Responder@ACEResponder · Jun 30

📣The Pivot challenge is now available in or instant in-platform Kusto SIEM! Uncover an intrusion with unique Command and Control techniques. aceresponder.com/challenge/pivot

ACEResponder's tweet card. The SOC received a tip regarding suspicious activity on the domain. A user, Dan, is concerned about a series of events that transpired while screening a candidate for a new position. Dan claims that...

2.0K

ACE Responder@ACEResponder · Jun 28

How AI agents work. 🤖 #ThreatHunting #DFIR

3.0K

ACE Responder@ACEResponder · Jun 26

☁️ Pass-the-PRT: How attackers pivot to the cloud. #ThreatHunting #DFIR

280

170

12.0K

ACE Responder@ACEResponder · Jun 24

✅The Qakbot challenge is now available in the instant Kusto SIEM! Take on one of world's most prolific cyber threats. #ThreatHunting #DFIR aceresponder.com/challenge/qakb…

ACEResponder's tweet card. Welcome to the Qakbot challenge! In this challenge, you will step into the shoes of a seasoned threat hunter and incident responder. You have been hired by the renowned company SolidLabs to assist...

2.0K

ACE Responder@ACEResponder · Jun 23

Windows events that identify AD user object takeover. #ThreatHunting #DFIR

271

233

18.0K

ACE Responder@ACEResponder · Jun 19

📢⚡️The Acquisition challenge is now available in the instant kusto SIEM! An attacker takes advantage of a recent acquisition. Explore a breach spanning multiple AD forests and expose the attacker's persistence efforts. #ThreatHunting #DFIR aceresponder.com/challenge/acqu…

ACEResponder's tweet card. In the fast-paced, rough and tumble world of corporate mergers and acquisitions, ACE Responder made a strategic move by acquiring the highly coveted and aptly named Acquired Company. This acquisition...

2.0K

ACE Responder@ACEResponder · Jun 19

How password spraying works

4.0K

ACE Responder@ACEResponder · Jun 16

🆕Our Exchange Logons learning module is now live in our instant, in-platform SIEM! Can you characterize authentication-based attacks against Exchange? Learn how in this beginner learning module. aceresponder.com/learn/exchange…

ACEResponder's tweet card. ##### Prerequisites: * [OpenSearch Tutorial](/learn/opensearch-tutorial) * [Windows Logons](/learn/windows-logons) for those unfamiliar with password spraying and Windows logons This module covers 4...

1.0K

ACE Responder@ACEResponder · Jun 14

How SSH proxying works. #ThreatHunting #DFIR

143

6.0K