YoVDO

Windows Operating System Archaeology - Casey Smith and Matt Nelson

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Digital Forensics Courses Security BSides Courses Privilege Escalation Courses Mimikatz Courses

Course Description

Overview

Explore Windows operating system archaeology in this 51-minute conference talk from BSides Nashville 2017. Delve into topics such as Component Object Model, Com Object Registration, Mimikatz, and persistence techniques. Learn about excavation tools, militia tactics, and evasion methods like script injection. Discover insights on privilege escalation, Office add-ins, and command line logging. Gain valuable knowledge on Windows internals and security implications from speakers Casey Smith and Matt Nelson.

Syllabus

Introduction
Objectives
Overview
Component Object Model
Component Object Resolution
Other Monitors
Com Object
Registration Free Comm
Code
Registration Helper
Register Function
Mimikatz
Switch gears
Methodology
Excavation Tools
Militia Tactics
Persistence hijacking
Persistence tree
Registry entry
Importing entries
Evasion
Script Injection
Command Line Logging
Office Addins
Privilege Escalation
Julians Blog


Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network