Living off the Land: Native Windows Tools for Blue Team Analysis
Author: Software Engineering Institute | Carnegie Mellon University
Uploaded: 2019-06-28
Views: 759
Description:
“Living off the land” is a term penetration testers use to describe the use of tools readily available on a target machine. In this presentation, Christopher I. Rodman (a Cyber Security Engineer in the CERT Division at the Software Engineering Institute) identifies programs and scripts native to Windows-based machines and demonstrates how different methods can be leveraged to collect information for incident response and forensic analysis.
Demonstrations:
2:30 - Obtain Local User and Group Information
5:27 - Target Specific Events in Event Log and Text Log Files
8:18 - Obtain a List of Running Processes and Loaded Libraries
11:30 - Obtain Scheduled Task and Service Information
14:49 - Get Drive, Files and Registry Key Information
19:49 - Collect Network Adapter, Connections and Cached Information