Search:

Recently Added

August 15, 2022

Scheduled Task/Job

Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. … Read more
August 15, 2022

Process Injection

Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate … Read more
August 15, 2022

Unusual Parent-Child Relationship

Inspired by Elastic prebuilt rule reference, you can write you own query to identify Windows programs run from … Read more
August 15, 2022

Create playbooks

Detections The memory queries in Comae platform enable detections to ask specific question to a single or multiple … Read more
August 15, 2022

Send-ComaeSnapshotFile

Send-ComaeSnapshotFile Synopsis Send a memory snapshot archive to the Comae Platform. Syntax Send-ComaeSnapshotFile … Read more
August 15, 2022

Send-ComaeDumpFile

Send-ComaeDumpFile Synopsis Send a memory file to the Comae Platform. Syntax Send-ComaeDumpFile [-Token] <String> … Read more
August 15, 2022

New-ComaeDumpFile

New-ComaeDumpFile Synopsis Create a full memory Microsoft crash dump. Syntax New-ComaeDumpFile [-Directory] … Read more
August 15, 2022

Invoke-ComaeAzVMWinAnalyze

Invoke-ComaeAzVMWinAnalyze Synopsis Invoke DumpIt on a remote Windows Azure Virtual Machine, and send it to the Comae … Read more
August 15, 2022

Invoke-ComaeAwsVMWinAnalyze

Invoke-ComaeAwsVMWinAnalyze Synopsis Invoke DumpIt on a remote Windows Aws Virtual Machine, and send it to the Comae … Read more
August 15, 2022

Invoke-ComaeADWinAnalyze

Invoke-ComaeADWinAnalyze Synopsis Invoke DumpIt on a remote Windows AD instance, and send it to the Comae platform. … Read more
August 15, 2022

Get-ComaeToolkitPath

Get-ComaeToolkitPath Synopsis Return the path to Comae Toolkit executables. Syntax Get-ComaeToolkitPath … Read more
August 15, 2022

Get-ComaeOrganizations

Get-ComaeOrganizations Synopsis Get the list of organizations the token belongs to. Syntax Get-ComaeOrganizations … Read more
August 15, 2022

Get-ComaeCases

Get-ComaeCases Synopsis Get the list of cases the token belongs to. Syntax Get-ComaeCases [-Token] <String> … Read more
August 15, 2022

Getting Started

Comae CLI Get Started In general, follow these steps to start using Comae CLI. Get yourself authenticated with Comae. … Read more
May 27, 2022

Hunting with MemQueries

Having data is great, but the main question for any analyst or security researcher is often – how can I browse and query … Read more
May 27, 2022

Getting Started

Step 1 - Register To analyze dumps, an account must first be registered on the Comae platform. Each user must be … Read more