2015-042: Log_MD, more malware archaeology, and sifting through the junk - a podcast by Bryan Brake, Amanda Berlin, Brian Boettcher

from 2015-10-14T23:58


Just before #Derbycon, we invited Michael Gough (@hackerhurricane) to join us on the #podcast. 


For the last 3-4 months, my co-host Brian and he have been building a software tool to make #log #analysis of #windows systems quicker, and together they have achieved that with "Log-MD", short for Log Malicious Discovery.


Hosts infected with #Malware and #bots always leave a fingerprint of what the malicious code is doing behind in the logs. This software takes your system, configures it to get the maximum #logging output possible, then puts everything in a readable format, enabling you to filter out known good items and leaving you with the bad or suspicious activity. This lets you analyze #logfiles and find malware in less time than before, making #forensics of infected systems faster and more economical.
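To make the "filter out known good, keep what is left" workflow concrete, here is an added example in Python; it is not Log-MD's code and not from the podcast. It assumes Windows events have already been flattened into simple records (the event IDs 4688, process creation, and 7045, new service installed, are real; every record and the baseline of known-good image paths are constructed for this example). Items absent from the baseline are reported once, with a count, so an analyst sees each unknown image path only once instead of every repetition.

```python
from collections import Counter
from typing import Dict, List, Set, Tuple

# Constructed sample records (not real telemetry). "image" is the process or
# service binary path; "detail" is the parent process (4688) or service name (7045).
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"event_id": "4688", "image": r"C:\Windows\System32\svchost.exe", "detail": r"C:\Windows\System32\services.exe"},
    {"event_id": "4688", "image": r"C:\Windows\System32\svchost.exe", "detail": r"C:\Windows\System32\services.exe"},
    {"event_id": "4688", "image": r"C:\Windows\explorer.exe", "detail": r"C:\Windows\System32\userinit.exe"},
    {"event_id": "4688", "image": r"C:\Users\alice\AppData\Local\Temp\update.exe", "detail": r"C:\Windows\explorer.exe"},
    {"event_id": "4688", "image": r"C:\Users\alice\AppData\Local\Temp\update.exe", "detail": r"C:\Windows\explorer.exe"},
    {"event_id": "7045", "image": r"C:\Windows\System32\svchost.exe", "detail": "WinDefend"},
    # Same file name as a system binary, but outside System32: an exact path
    # match against the baseline is what catches this, not the name alone.
    {"event_id": "7045", "image": r"C:\ProgramData\svchost.exe", "detail": "UpdaterSvc"},
]

# Assumed baseline of known-good (event id, lower-cased image path) pairs.
# In practice this would be built from a clean reference host, not typed by hand.
KNOWN_GOOD: Set[Tuple[str, str]] = {
    ("4688", r"c:\windows\system32\svchost.exe"),
    ("4688", r"c:\windows\explorer.exe"),
    ("7045", r"c:\windows\system32\svchost.exe"),
}


def baseline_key(event: Dict[str, str]) -> Tuple[str, str]:
    """Normalize a record to the key used for baseline comparison.

    Paths are lower-cased because NTFS is case-insensitive and log sources
    are not consistent about casing.
    """
    return (event["event_id"], event["image"].lower())


def triage(events: List[Dict[str, str]],
           known_good: Set[Tuple[str, str]]) -> Tuple[List[Dict[str, object]], int]:
    """Drop events matching the known-good baseline; return what remains.

    Returns (suspicious, filtered_count). Each suspicious entry is the first
    record seen for that (event id, image) key plus a "count" of how many
    times it appeared, so repeated noise collapses to one line for review.
    """
    counts: Counter = Counter()
    first_seen: Dict[Tuple[str, str], Dict[str, str]] = {}
    filtered = 0
    for event in events:
        key = baseline_key(event)
        if key in known_good:
            filtered += 1
            continue
        counts[key] += 1
        first_seen.setdefault(key, event)
    suspicious = [dict(first_seen[key], count=counts[key]) for key in sorted(counts)]
    return suspicious, filtered


if __name__ == "__main__":
    remaining, dropped = triage(SAMPLE_EVENTS, KNOWN_GOOD)
    print(f"{dropped} events matched the baseline; {len(remaining)} items left to review")
    for item in remaining:
        print(f'  EID {item["event_id"]} x{item["count"]}: {item["image"]} ({item["detail"]})')
```

The baseline is keyed on event ID plus full path rather than file name, which is the part that matters in practice: a binary that borrows a system file name but lives in a user-writable directory does not match and surfaces for review, while the genuine copies are silently dropped.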


We discuss #Log-MD for a while, and then Michael demos Log-MD for us.


Video demo: https://youtu.be/0_J90sOVY8c


log-MD site: http://log-md.com/


RSS: http://www.brakeingsecurity.com/rss


iTunes: https://itunes.apple.com/us/podcast/2015-042-log-md-more-malware/id799131292?i=354715938&mt=2

