Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
http://digitalforensicsurvivalpodcast.libsyn.com/podcast
DFSP # 427 - MOF Balls
Windows management instrumentation, also known as WMI, is an App on Windows that allows a user to query all sorts of things about a system. Being native to Windows, it is an attractive target for a attackers to leverage. This week I'll break down the artifact from a DFIR point of a few and talk about how to detect its misuse.