Outsmart threats before they strike
Shaping tomorrow’s cyber defenders
Hexastrike turns frontline experience into streamlined playbooks, tools, and courses that help your team investigate, contain, and eradicate threats before they gain traction. By stripping away guesswork and surfacing only the critical signals, we let you shut down breaches fast and keep the business on track.
Recent Blog Posts
During threat-intelligence activities, we identified a new ValleyRAT campaign distributing fake application installers (e.g., WinRAR, Telegram, and others). The installer drops multiple binaries; one stood out: a file named NVIDIA.exe (SHA-256: b4ac2e473c5d6c5e1b8430a87ef4f33b53b9ba0f585d3173365e437de4c816b2),...
In a previous post, we showed how Velociraptor and CrowdStrike can work together to speed up the deep‑dive phase of an investigation. One topic left open was containment. When an EDR...
At the beginning of the year, we investigated a cluster of Ivanti Connect Secure gateways that attackers had breached via CVE-2025-0282. If you missed the story, Mandiant’s write-up laid out a polished,...
To me, getting into COM was not as trivial as I thought. The first time I encountered COM was many years ago, when I had to identify CLSIDs for Escalation of Privileges...
Although CrowdStrike is a powerful EDR, incidents still happen, even when using thorough prevention policies. In this post, we will use CrowdStrike Falcon in combination with Velociraptor to streamline our incident response...
Last September, I received an email about a supposed security issue in one of my GitHub repositories. The sender claimed they had discovered vulnerabilities in my code and directed me to an...