YoVDO

Windows Operating System Archaeology - Casey Smith and Matt Nelson

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Digital Forensics Courses Security BSides Courses Privilege Escalation Courses Mimikatz Courses

Course Description

Overview

Explore Windows operating system archaeology in this 51-minute conference talk from BSides Nashville 2017. Delve into topics such as Component Object Model, Com Object Registration, Mimikatz, and persistence techniques. Learn about excavation tools, militia tactics, and evasion methods like script injection. Discover insights on privilege escalation, Office add-ins, and command line logging. Gain valuable knowledge on Windows internals and security implications from speakers Casey Smith and Matt Nelson.

Syllabus

Introduction
Objectives
Overview
Component Object Model
Component Object Resolution
Other Monitors
Com Object
Registration Free Comm
Code
Registration Helper
Register Function
Mimikatz
Switch gears
Methodology
Excavation Tools
Militia Tactics
Persistence hijacking
Persistence tree
Registry entry
Importing entries
Evasion
Script Injection
Command Line Logging
Office Addins
Privilege Escalation
Julians Blog


Related Courses

Harmonicas and Communication Skills
YouTube
Opening the Door to InfoSec
YouTube
Everything I Need to Know About Infosec I Learned from Gambling - Cliff Smith
YouTube
The State of Security - BSides
YouTube
Your Users Passwords Are Already Stolen
YouTube