2015-028: using log analytics to discover Windows malware artifacts - a podcast by Bryan Brake, Amanda Berlin, Brian Boettcher

from 2015-06-29T06:20:30


In this podcast, you'll learn about:

Log analytics software that can be used to parse system logs for nasty malware

Detecting malware artifacts

Windows directory locations

Looking for indicators like packing, changed hashes, etc.

Tips for capturing malware samples using tools like RoboCopy

What code caves are and how malware hides inside them (http://www.codeproject.com/Articles/20240/The-Beginners-Guide-to-Codecaves)

SANS DFIR poster - https://www.sans.org/security-resources/posters/windows-forensics-evidence-of-75
