Reverse Analyzing Attacks for Detection, Justin Henderson Paul's Security Weekly #519 - a podcast by Security Weekly
from 2017-06-25T09:00
Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and Mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes these techniques as "reverse attack analysis for detection" and shows us how to do it in this technical segment! The segment also references Mark Baggett's work on freq.py (https://isc.sans.edu/forums/diary/Detecting+Random+Finding+Algorithmically+chosen+DNS+names+DGA/19893/).
Full Show Notes: https://wiki.securityweekly.com/Episode519
Security Weekly Web Site: http://securityweekly.com
Follow us on Twitter: @securityweekly