Logging for Hackers - How You Can Catch Them With What You Already Have and a Walk Through of an

Explore advanced logging techniques for cybersecurity professionals in this 56-minute conference talk from Circle City Con 2016. Learn how to effectively catch hackers using existing tools and resources. Dive into topics such as evolving security practices, statistical analysis, hash tracking, Windows NT persistence, and artifact analysis. Discover insights on PowerShell logging, command-line monitoring, and malware management. Gain practical knowledge on identifying suspicious activities, conducting login audits, and leveraging free tools like AuditPro. Examine case studies involving crypto-related threats and Word document exploits. Conclude with an overview of Windows Firewall configurations and valuable cybersecurity resources to enhance your defensive capabilities.

Intro
Why listen to me
Evolve or die
Statistics
Chasing Hashes
Win NT
Persistence
Program Files
C tar
Droidx artifacts
Dried X persistence
Dried X is back
PowerShell
Cheat Sheet
Command Line Logging
Example Query
Practice Malware Management
What do we look for
What do we take away
LoginD
Audit Report
Purpose
Free Audit
Pro
Future
Crypto
Word Doc
Windows Firewall
What do you get
Resources
Questions