Total length of all episodes: 5 days 23 hours 33 minutes
This week I talk about tools available on the SIFT workstation... that you may not know are even there!
This week I break down certutil exploitation: what it is and methods to detect malicious usage
This week I talk about using layered drivers as an artifact to identify persistence
This week I talk about SOF ELK, a freely available pre-built virtual appliance for DFIR work
This week I start the year with my traditional "back-to-basics" episode, focusing on self-improvement themes and goals to consider
This week I talk about different types of audit log clearing and detection strategies
This week I talk about LMD, an openly available tool to increase Linux security posture.