Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Tracing Adversaries - Detecting Attacks with ETW

via YouTube

Start learning Write review

Details

Start learning

Provider

YouTube
Pricing

Conference Talk
Languages

English
Duration & workload

27 minutes
Sessions

On-Demand

Found in

Overview

Explore advanced techniques for detecting and tracing adversarial activities using Event Tracing for Windows (ETW) in this informative conference talk from Derbycon 7. Delve into practical demonstrations covering process and thread monitoring, PowerShell command tracking, script block capturing, domain lookup analysis, child process detection, file I/O monitoring, and thread tracking. Gain valuable insights into enhancing your cybersecurity defenses and improving your ability to identify and respond to potential threats in Windows environments.

Syllabus

Intro
Demo
Process Thread
PowerShell Commands
Capturing Script Blocks
Domain Lookup
Child Processes
File IO
Thread Tracking

Reviews

Start your review of Tracing Adversaries - Detecting Attacks with ETW

Start learning

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Tracing Adversaries - Detecting Attacks with ETW

Overview

Syllabus

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Hidden Treasure - Detecting Intrusions with ETW

Hidden Treasure - Detecting Intrusions with ETW

Detecting WMI Exploitation

8 Best PowerShell Courses for 2024: Automate Scripts and Tasks

Never Stop Learning.