
Sep 1, 2018

We are back with a new episode this week! We go over our solutions for some of the #derbyCon ticket #CTF challenges and include links to some of the challenges. We talk about Windows Event Forwarder, and how all log forwarders seem to be losing events!


Thanks to our Patrons!

Gonna be at Derbycon, come see us!


Congrats to our Derbycon Ticket CTF winners!

Winner:  @gigstaggart

2nd Place: @ohai_ninja

3rd Place: @SoDakHib


Mr. Boettcher’s Challenge (SuperCrypto):


Ms. Berlin’s Challenge:





Mr. Brake’s Challenge:


Update on Mental Health GoFundMe:

Thanks to the #Derbycon organizers for their time and patience in answering the questions posed.


Missing event issues:


Some issues with missing events… Everyone is affected by this!


WEF & PowerBI is good for small installations.


Any GPOs involved?

Can it be done on a server by server basis?

Can an attacker simply disable the service once initial access is achieved?


Pros and Cons of feeding the WEF output to a MapReduce system?


Not sure if they've used it, but WEF vs. winlogbeat vs. NxLog?


Need a config?  Get some examples here for nxlog, winlogbeat, filebeat, Windows Logging Service and other stuff...

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email

#Brakesec Store!:



#Youtube Channel:

#iTunes Store Link:

#Google Play Store:

Our main site:

#iHeartRadio App:


Comments, Questions, Feedback:

Support Brakeing Down Security Podcast by using our #Paypal OR our #Patreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM :

#Stitcher Network:

#TuneIn Radio App: