Windows Operating System Archaeology - Casey Smith and Matt Nelson
Offered By: YouTube
Course Description
Overview
Explore Windows operating system archaeology in this 51-minute conference talk from BSides Nashville 2017. Delve into topics such as Component Object Model, Com Object Registration, Mimikatz, and persistence techniques. Learn about excavation tools, militia tactics, and evasion methods like script injection. Discover insights on privilege escalation, Office add-ins, and command line logging. Gain valuable knowledge on Windows internals and security implications from speakers Casey Smith and Matt Nelson.
Syllabus
Introduction
Objectives
Overview
Component Object Model
Component Object Resolution
Other Monitors
Com Object
Registration Free Comm
Code
Registration Helper
Register Function
Mimikatz
Switch gears
Methodology
Excavation Tools
Militia Tactics
Persistence hijacking
Persistence tree
Registry entry
Importing entries
Evasion
Script Injection
Command Line Logging
Office Addins
Privilege Escalation
Julians Blog
Related Courses
Harmonicas and Communication SkillsYouTube Opening the Door to InfoSec
YouTube Everything I Need to Know About Infosec I Learned from Gambling - Cliff Smith
YouTube The State of Security - BSides
YouTube Your Users Passwords Are Already Stolen
YouTube