Illusive Labs Blog

Technical cybersecurity perspectives focusing on deceptions,
threat trends, incident response, advanced attacks and new technologies

For open source tools published by the Illusive Labs team, visit our GitHub page.

Hadar Yudovich

Hadar (@hadar0x), a Security Researcher at Illusive Networks, focuses on digital forensics and incident response (DFIR).

Recent Posts

Externalizing deception: The creation and use of deceptive Open Source Intelligence

Posted by Hadar Yudovich on Aug 13, 2018 9:00:00 AM

Open Source Intelligence (OSINT) is widely used by attackers every day. Information they find through publicly available sources can be valuable, both in learning about how to go after their target, and in actually executing a compromise. 



Why and How to Extract Network Connection Timestamps for DFIR Investigations

Posted by Hadar Yudovich on Mar 14, 2018 9:59:12 AM

For as long as I have been doing forensics, or more specifically, live response, there has been a lot of value in reviewing a Windows system's network connections during an investigation; in fact, this is recognized as standard practice. There are many reasons to do so; however, this work is essentially done to find an anomaly, something suspicious.


