2019-05-16, 11:00–13:00, Workshop Area
Fileless malware and system tools as bypass techniques in cyber-attacks. Hunting with Sysinternals tools and Digital Forensics techniques.
Fileless malware and system tools as bypass techniques: an explanation of “bypass technique” and “fileless malware”. Creating custom fileless malware by abusing PowerShell.
Threat hunting with Sysinternals tools: an explanation of system processes, threads, jobs, resources. Anomaly detection of system processes with Sysinternals tools. Fileless malware detection.
Threat hunting with Digital Forensics techniques: an explanation of “digital forensics”. Acquisition and analysis of a RAM memory dump with Digital Forensics tools.
Summary, or “what can a participant obtain from this workshop”: knowledge of the top bypass techniques, hard skills for detecting and hunting malicious code, and an understanding of the differences between hunting with Sysinternals tools and hunting with Digital Forensics tools.