1. Introduction
2. Objectives
3. Overview
4. Component Object Model
5. Component Object Resolution
6. Other Monitors
7. COM Object
8. Registration-Free COM
9. Code
10. Registration Helper
11. Register Function
12. Mimikatz
13. Switch gears
14. Methodology
15. Excavation Tools
16. Militia Tactics
17. Persistence hijacking
18. Persistence tree
19. Registry entry
20. Importing entries
21. Evasion
22. Script Injection
23. Command Line Logging
24. Office Addins
25. Privilege Escalation
26. Julians Blog
Description:
Explore Windows operating system archaeology in this 51-minute conference talk from BSides Nashville 2017. Delve into topics such as the Component Object Model, COM object registration, Mimikatz, and persistence techniques. Learn about excavation tools, militia tactics, and evasion methods like script injection. Discover insights on privilege escalation, Office add-ins, and command line logging. Gain valuable knowledge on Windows internals and security implications from speakers Casey Smith and Matt Nelson.

Windows Operating System Archaeology - Casey Smith and Matt Nelson
