Catching Linux Post-Exploitation with Auditd

BSidesLV via YouTube

Classroom Contents

  1. Intro
  2. Why Auditd
  3. Motivation
  4. Background
  5. Outline
  6. System Calls
  7. Julia Evans zine
  8. Open call
  9. Addie
  10. Addie History
  11. Oddity
  12. Audit Rules
  13. Example Configuration
  14. File Watch Role
  15. Reporting Example
  16. Attack Scenario
  17. Attack Setup
  18. execve
  19. results
  20. false positives
  21. post behavior
  22. solutions
  23. questions
