Fileless malware and system tools as bypass technique: an explanation of “bypass technique” and “fileless malware”. Creating custom fileless malware by abusing Powershell.

Threat hunting with Sysinternals tools: an explanation of system processes, threads, jobs, resources. Anomaly detection of system processes with Sysinternals tools. Fileless malware detection.

Threat hunting with Digital Forensics techniques: an explanation of “digital forensics”. Acquisition and analysis of RAM memory dump with Digital Forensics tools.

Summary or “what can participant obtain from this workshop”: knowledge about top bypass techniques, hard skills for detection and hunting malicious code, understand differences of hunting with SysInternals and Digital Forensics tools.