InQuest is proud to have provided Recon Infosec with the DFI Threat Hunting Platform during their Blackhat 2020 Network Defense Range Training (NDR).

NDR is a one-of-a-kind training platform that enables SOC analysts, threat hunters, and incident responders to go toe-to-toe with advanced adversaries in a low-stakes/zero-risk environment. We pride ourselves in the high-fidelity nature of our simulated environment from the organic traffic generation down to the simulated users on workstations carrying out their day-to-day tasks.

Read more about the Network Defense Range!

Latest InQuest™ Blog Posts

Persian Kitties Hiding Benign Executables

Posted on 2020-08-15 by Josiah Smith

A while back, we had an interesting alert generated from one of the InQuest DFI sensors that were initially very suspicious, but proved to be entertaining and still questionable regarding the true purpose of the activity. My initial suspicion was driven to an event highlighting an Image with an Embedded executable.

Read more

Detection in Depth

Posted on 2020-08-28 by Josiah Smith

Detection in depth describes the multiple detection points within an attack chain. In an effort to throw everything and the kitchen sink at the problems associated with cyber defense, InQuest has incorporated Detection in-depth methodologies alongside our intelligent orchestration to help Prevent, Detect, and Hunt the cyber-threats impacting our modern world.

Read more
InQuest™ Labs Research Spotlight

Phishing Database

A Testing Repository for Phishing Domains, Web Sites, and Threats. The results are updated hourly and contain Domains that have been tested to be Active, Inactive, or Invalid.

Read more


Ukemi is a CLI tool for querying passive DNS services. It supports multiple services and outputs resolutions in JSON format.

Read more


Technitium DNS Server is an open-source tool that can be used for self-hosting a local DNS server for privacy & security or used for experimentation and testing.

Read more
Global Security Events

Russian arrested for trying to recruit an insider and hack a Nevada company

The US Department of Justice announced charges today against a Russian citizen who traveled to the US to recruit and convince an employee of a Nevada company to install malware on their employer's network in exchange for $1,000,000.

Read more

The DeathStalker cyberspy group and its toolset

Kaspersky has identified a cybercriminal group that specializes in stealing trade secrets. Judging by its targets so far, the group is interested mainly in attacking fintech companies, law firms, and financial advisors, although, in at least one case, it also attacked a diplomatic entity.

Read more

SunCrypt Ransomware sheds light on the Maze ransomware cartel

A ransomware named SunCrypt has joined the 'Maze cartel,' and with their membership, BleepingComputer got insight into how these groups are working together. In June, they broke the story that the Maze threat actors created a cartel of ransomware operations to share information and techniques.

Read more
InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest™ 2020