YoVDO

Tracing Adversaries - Detecting Attacks with ETW

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses PowerShell Courses Threat Detection Courses

Course Description

Overview

Explore advanced techniques for detecting and tracing adversarial activities using Event Tracing for Windows (ETW) in this informative conference talk from Derbycon 7. Delve into practical demonstrations covering process and thread monitoring, PowerShell command tracking, script block capturing, domain lookup analysis, child process detection, file I/O monitoring, and thread tracking. Gain valuable insights into enhancing your cybersecurity defenses and improving your ability to identify and respond to potential threats in Windows environments.

Syllabus

Intro
Demo
Process Thread
PowerShell Commands
Capturing Script Blocks
Domain Lookup
Child Processes
File IO
Thread Tracking


Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube