Powershell-Fu - Hunting on the Endpoint

BSidesLV via YouTube

Classroom Contents

  1. Intro
  2. Speaker Background
  3. What is Hunt?
  4. Hunt vs DFIR (tl;dr: it's sort of the same, but not)
  5. The Hunter's Tool Bag (Examples)
  6. A Tale of Two Hunting Methodologies
  7. PSHunt Components/Modules
  8. Scanners
  9. Survey Deployment
  10. Execution Methods
  11. Discovery / Testing Access
  12. Persistence Mechanisms (Autostarts)
  13. Memory-resident Malware Analysis
  14. Survey Analysis Modules: Initialize-ReputationData
  15. Active Processes/Modules/Drivers
  16. Digital Signatures?
  17. Process Memory Injection
  18. PSHunt - Powershell Threat Hunting
