Lurking in the Shadows
Offered By: YouTube
Course Description
Overview
Explore advanced techniques for malware analysis and recovery in this 55-minute conference talk from Hack3rcon II. Delve into the world of digital forensics as Tim Tomes and Mark Baggett demonstrate the power of Volume Shadow Copies for recovering deleted malware and investigating cyber incidents. Learn about the Spirit Box tool for Linux and Windows systems, understand Protected Device Names, and witness hands-on demonstrations of creating and manipulating Volume Shadow Copies. Gain insights into using VSS Admin commands and scripts, and discover potential bugs in these techniques. Enhance your cybersecurity skills with practical knowledge applicable to both offensive and defensive security practices.
Syllabus
Introductions
Title
Agenda
Tim Tomes
Spirit Box
Linux
Windows
Protected Device Names
Demo
What is it
Volume Shadow Copies
Manual Demo
Creating Directory
Creating Volume Shadow Copy
Deleting the Malware
Volume Shadow Copy
Deleting Malware
Commands
VSS Admin
VSS Script
Bugs
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network